Nmap scan reveals mail address

Server Version#: 1.24.4.5081-e362dc1ee
Player Version#:

I recently enabled Remote Access, and, out of pure curiosity, I performed a standard nmap scan of the Plex Port: (nmap version 7.80, debian bullseye).

nmap -p32400 -A MyIPAddress | xmllint --format | less -N -R

and this revealed my personal email address,

...myPlexUsername=\"some\.guy@gmail\.com\"....

I then went back to Settings → Account → Username, to check whether the box "Allow username to be used when signing in" was indeed properly ticked, and it is and it was. I am not sure this is the proper thing, since this seems to refer to access credentials, while the nmap scan cannot have presented any, it just read the XML file that it managed to wrestle from the Plex Server.

It is clear that this is a security risk, which allows identification of the server owner, and, by extension, of the whole LAN. Is it a bug, or a feature? Is there any way to change this, or correct the bug?

The only mitigation I have been able to set up is of course the use of a non-standard port.

Cheers

Did you scan from within the same local/private network as the server?

Did you disable authentication for your local subnet? Network | Plex Support “List of IP addresses and networks that are allowed without auth”

Yes, this indeed is the correct answer: while scanning from outside my LAN, my email address is not sent out in plain text, as a reply to a simple nmap scan. Ditto if I turn off automatic authentication for the same local subnet.

So there is no issue here, thank you for your reply.
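
The diagnosis reached in this thread, as an added example that is not part of the original posts and is not Plex code: it checks whether a scanner's source address falls inside the "allowed without auth" list and whether an XML reply carries an email address in any attribute. The function names, the sample reply and the comma-separated list format are assumptions; only the `myPlexUsername` attribute name comes from the thread.

```python
import ipaddress
import re
import xml.etree.ElementTree as ET

EMAIL_RE = re.compile(r"[^@\s\"<>]+@[^@\s\"<>]+\.[A-Za-z]{2,}")

# Constructed sample reply; everything except the myPlexUsername attribute
# name is made up for illustration.
SAMPLE_REPLY = ('<MediaContainer size="0" friendlyName="nas" '
                'myPlexUsername="some.guy@example.com"/>')


def parse_allowed(setting):
    """Parse a comma-separated list of IPs/networks (assumed format)."""
    nets = []
    for item in setting.split(","):
        item = item.strip()
        if item:
            # strict=False accepts host bits; both /24 and /255.255.255.0 parse
            nets.append(ipaddress.ip_network(item, strict=False))
    return nets


def is_auth_exempt(source_ip, setting):
    """True if source_ip lies in one of the networks exempt from auth."""
    addr = ipaddress.ip_address(source_ip)
    return any(addr.version == net.version and addr in net
               for net in parse_allowed(setting))


def identity_leaks(xml_text):
    """Return (element, attribute, value) for attributes holding an email."""
    root = ET.fromstring(xml_text)
    return [(el.tag, name, value)
            for el in root.iter()
            for name, value in el.attrib.items()
            if EMAIL_RE.fullmatch(value)]


def explain(source_ip, setting, xml_text):
    """Classify a scan result the way the thread resolved it."""
    if not identity_leaks(xml_text):
        return "no identifying attributes in reply"
    if is_auth_exempt(source_ip, setting):
        return "leak explained: scanner is inside an auth-exempt network"
    return "leak from a non-exempt address: investigate"
```

A result of "leak from a non-exempt address" is the case worth following up, since it means the reply reached a client the exemption list does not cover.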