Recently it was found that Plex had a vulnerability that allowed hackers to do a full system takeover.
If hackers are able to exploit this vulnerability they could execute code to gain access to all files, create backdoors and even move to other devices on the network.
Update to the latest version
Make sure that you are not vulnerable, log into your plex server and update right away.
“We have rolled out a change in our update distribution servers. This change will protect Plex Media Server version 1.18.2 or newer,” the Plex Security Team said. “Plex Media Server installations older than 1.18.2 will still be exploitable and we highly encourage users on older releases to upgrade.”
“Additionally, Plex Media Server versions 18.104.22.16801 & 22.214.171.12402 (and newer) features additional hardening in the updater infrastructure to protect against future vulnerabilities. We recommended for all users to update to one of these releases.”
Plex also resolved the CVE-2020-5742 vulnerability by enabling automatic alerts on authentication pages to notify Plex users when they are logging into a media server that’s not hosted by Plex.