Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

GithubExploit
GithubExploitadded 2026/03/08 1:47 a.m.179 views

Exploit for OS Command Injection in Motioneye_Project Motioneye

CVE-2025-60787 - Authenticated RCE in motionEye PoC for CVE-...

7.2CVSS5.8AI score0.57917EPSS
Exploits16
OpenVAS
OpenVASadded 2025/11/06 12:0 a.m.4 views

motionEye <= 0.43.1b4 OS Command Injection Vulnerability

motionEye is prone to an authenticated OS command injection vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.2CVSS7AI score0.57917EPSS
Exploits16References1
Packet Storm
Packet Stormadded 2025/10/10 12:0 a.m.153 views

📄 MotionEye Frontend 0.43.1b4 Remote Code Execution

This Metasploit module exploits a template injection vulnerability in the MotionEye Frontend. MotionEye Frontend versions 0.43.1b4 and prior are vulnerable to OS command injection in configuration parameters such as imagefilename. Unsanitized user input is written to MotionEye Frontend...

7.2CVSS8.5AI score0.57917EPSS
Exploits16
OSV
OSVadded 2025/10/03 6:31 p.m.1 views

GHSA-26F6-WM47-7H7J Duplicate Advisory: motionEye vulnerable to RCE via unsanitized motion config parameter

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-j945-qm58-4gjx. This link is maintained to preserve external references. Original Description MotionEye v0.43.1b4 and before is vulnerable to OS Command Injection in configuration parameters such as imagefilenam...

7.2CVSS7.8AI score0.57917EPSS
Exploits16References3
OSV
OSVadded 2025/10/03 4:16 p.m.4 views

CVE-2025-60787

MotionEye v0.43.1b4 and before is vulnerable to OS Command Injection in configuration parameters such as imagefilename. Unsanitized user input is written to Motion configuration files, allowing remote authenticated attackers with admin access to achieve code execution when Motion is restarted...

7.2CVSS7.9AI score
Exploits0References2
GithubExploit
GithubExploitadded 2025/10/03 3:20 p.m.541 views

Exploit for CVE-2025-60787

CVE-2025-60787 CVE-2025-60787 Poc - RCE - MotionEye = 0.43...

8.6AI score0.57917EPSS
Exploits16
Snyk
Snykadded 2025/05/14 4:44 p.m.3 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the addcamera API. An attacker with admin credentials can execute arbitrary commands within a non-interactive shell environment by constructing a malicious device path. This is only exploitable if the attacker has...

9.8CVSS7.9AI score0.00331EPSS
Exploits0References2
PyPA
PyPAadded 2025/05/14 4:15 p.m.7 views

PYSEC-2025-39

motionEye is an online interface for the software motion, a video surveillance program with motion detection. In versions 0.43.1b1 through 0.43.1b3, using a constructed camera device path with the add/addcamera motionEye web API allows an attacker with motionEye admin user credentials to execute...

9.3CVSS7.3AI score0.00331EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder