4 matches found
CVE-2023-26039
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain an OS Command Injection via daemonControl in /web/api/app/Controller/HostController.php. Any authenticated user can...
Linux Distros Unpatched Vulnerability : CVE-2023-26039
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33...
CVE-2023-26039 ZoneMinder vulnerable to OS Command injection in daemonControl() API
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain an OS Command Injection via daemonControl in /web/api/app/Controller/HostController.php. Any authenticated user can...
CVE-2023-26039
ZoneMinder (CVE-2023-26039) is affected in versions prior to 1.36.33 and 1.37.33. The vulnerability is an OS Command Injection via daemonControl() in /web/api/app/Controller/HostController.php, allowing any authenticated user to run arbitrary shell commands as the web user. This is addressed by p...