Lucene search

CVE-2023-26036

🗓️ 25 Feb 2023 02:13:15Reported by GitHub_MType

cve🔗 web.nvd.nist.gov👁 38 Views🌐 WEB

ZoneMinder 1.36.33 and 1.37.33 Local File Inclusion Vulnerabilit

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2023-26036	5 Mar 202500:00	–	nessus
UbuntuCve	CVE-2023-26036	25 Feb 202300:00	–	ubuntucve
Cvelist	CVE-2023-26036 ZoneMinder contains Local File Inclusion vulnerability	25 Feb 202301:13	–	cvelist
Prion	Double free	25 Feb 202302:15	–	prion
OSV	CVE-2023-26036	25 Feb 202302:15	–	osv
Vulnrichment	CVE-2023-26036 ZoneMinder contains Local File Inclusion vulnerability	25 Feb 202301:13	–	vulnrichment
Debian CVE	CVE-2023-26036	25 Feb 202302:15	–	debiancve
NVD	CVE-2023-26036	25 Feb 202302:15	–	nvd
OpenVAS	ZoneMinder < 1.36.33, 1.37.x < 1.37.33 Multiple Vulnerabilities	27 Feb 202300:00	–	openvas

Nvd

Vulners

Node

zoneminder zoneminderRange<1.36.33

zoneminder zoneminderRange1.37.00–1.37.33

[
  {
    "vendor": "ZoneMinder",
    "product": "zoneminder",
    "versions": [
      {
        "version": "< 1.36.33",
        "status": "affected"
      },
      {
        "version": ">= 1.37.0, < 1.37.33",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/ZoneMinder/zoneminder/security/advisories/GHSA-h5m9-6jjc-cgmw

Parameter	Position	Path	Description	CWE
view	query param	/web/index.php	Local File Inclusion vulnerability allows execution of local .php files due to improper sanitization of the file path.	CWE-426

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

25 Feb 2023 02:15Current

8.6High risk

Vulners AI Score8.6

CVSS38.1 - 9.8

EPSS0.00136

SSVC

CWE-426