Description
ReQuest Serious Play F3 Media Server versions 7.0.3.4968 (Pro), 7.0.2.4954, 6.5.2.4954, 6.4.2.4681, 6.3.2.4203, and 2.0.1.823 contain a remote denial-of-service vulnerability. The device can be shut down or rebooted by an unauthenticated attacker through a single crafted HTTP GET request, allowing remote interruption of service availability.
Published: 2025-11-14
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 05 Dec 2025 12:30:00 +0000

Type Values Removed Values Added
First Time appeared Request
Request serious Play Pro
CPEs cpe:2.3:a:request_serious_play:request_serious_play:2.0.1.823:*:*:*:*:*:*:*
cpe:2.3:a:request_serious_play:request_serious_play:6.3.2.4203:*:*:*:*:*:*:*
cpe:2.3:a:request_serious_play:request_serious_play:6.4.2.4681:*:*:*:*:*:*:*
cpe:2.3:a:request_serious_play:request_serious_play:6.5.2.4954:*:*:*:*:*:*:*
cpe:2.3:a:request_serious_play:request_serious_play:7.0.2.4954:*:*:*:*:*:*:*
cpe:2.3:a:request_serious_play:request_serious_play_pro:7.0.3.4968:*:*:*:*:*:*:*		 cpe:2.3:a:request:serious_play_pro:2.0.1.823:*:*:*:*:*:*:*
cpe:2.3:a:request:serious_play_pro:6.3.2.4203:*:*:*:*:*:*:*
cpe:2.3:a:request:serious_play_pro:6.4.2.4681:*:*:*:*:*:*:*
cpe:2.3:a:request:serious_play_pro:6.5.2.4954:*:*:*:*:*:*:*
cpe:2.3:a:request:serious_play_pro:7.0.2.4954:*:*:*:*:*:*:*
cpe:2.3:a:request:serious_play_pro:7.0.3.4968:*:*:*:*:*:*:*
Vendors & Products Request
Request serious Play Pro

Tue, 18 Nov 2025 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 18 Nov 2025 16:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:request_serious_play:request_serious_play:2.0.1.823:*:*:*:*:*:*:*
cpe:2.3:a:request_serious_play:request_serious_play:6.3.2.4203:*:*:*:*:*:*:*
cpe:2.3:a:request_serious_play:request_serious_play:6.4.2.4681:*:*:*:*:*:*:*
cpe:2.3:a:request_serious_play:request_serious_play:6.5.2.4954:*:*:*:*:*:*:*
cpe:2.3:a:request_serious_play:request_serious_play:7.0.2.4954:*:*:*:*:*:*:*
cpe:2.3:a:request_serious_play:request_serious_play_pro:7.0.3.4968:*:*:*:*:*:*:*

Sat, 15 Nov 2025 22:15:00 +0000

Type Values Removed Values Added
First Time appeared Request Serious Play
Request Serious Play request Serious Play
Request Serious Play request Serious Play Pro
Vendors & Products Request Serious Play
Request Serious Play request Serious Play
Request Serious Play request Serious Play Pro

Fri, 14 Nov 2025 23:00:00 +0000

Type Values Removed Values Added
Description ReQuest Serious Play F3 Media Server versions 7.0.3.4968 (Pro), 7.0.2.4954, 6.5.2.4954, 6.4.2.4681, 6.3.2.4203, and 2.0.1.823 contain a remote denial-of-service vulnerability. The device can be shut down or rebooted by an unauthenticated attacker through a single crafted HTTP GET request, allowing remote interruption of service availability.
Title ReQuest Serious Play F3 Media Server <= 7.0.3 Remote DoS
Weaknesses CWE-400
References
Metrics cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Request Serious Play Pro
Request Serious Play Request Serious Play Request Serious Play Pro
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-07T14:05:26.396Z

Reserved: 2025-11-14T18:47:13.964Z

Link: CVE-2021-4465

cve-icon Vulnrichment

Updated: 2025-11-18T16:28:02.701Z

cve-icon NVD

Status : Deferred

Published: 2025-11-14T23:15:42.177

Modified: 2026-04-15T00:35:42.020

Link: CVE-2021-4465

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-11-15T22:07:35Z

Weaknesses