Exploit for OS Command Injection in Frigate

⚠️ CVE-2026-25643 - Detect and Analyze Remote Code Execution...

CVE-2026-25643 Frigate Affected by Authenticated Remote Command Execution (RCE) and Container Escape

Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Prior to 0.16.4, a critical Remote Command Execution RCE vulnerability has been identified in the Frigate integration with go2rtc. The application does not sanitize user input in the video stream...

PT-2026-6784

Name of the Vulnerable Software and Affected Versions Frigate versions prior to 0.16.4 Description Frigate is a network video recorder NVR with realtime local object detection for IP cameras. A critical Remote Command Execution RCE issue exists in the Frigate integration with go2rtc. The...

Frigate 安全漏洞

Frigate is a complete native NVR designed by Blake Blackshear for home assistants with AI object detection capabilities. Versions of Frigate prior to 0.16.4 contained a security vulnerability. This vulnerability stemmed from uncleaned user input in video stream configurations, which could lead to...

CVE-2020-37049

Frigate 3.36.0.9 contains a local buffer overflow vulnerability in the Command Line input field that allows attackers to execute arbitrary code. Attackers can craft a malicious payload to overflow the buffer, bypass DEP, and execute commands like launching calc.exe through a specially crafted inp...

CVE-2020-37049

CVE-2020-37049 affects Frigate 3.36.0.9. The vulnerability is a local buffer overflow in the Command Line input field that can allow an attacker to execute arbitrary code, bypass DEP, and run commands (e.g., calc.exe) via a specially crafted input sequence. Exploitation details and a PoC exist in...

CVE-2020-37039

CVE-2020-37039 (Frigate 2.02) is a denial-of-service vulnerability where an attacker can crash the application by supplying oversized input to the command line interface. A payload of 8000 repeated characters pasted into the CLI triggers the crash. Public metrics show a high-severity impact (CVSS...

CVE-2023-45671

Frigate is an open source network video recorder. Prior to version 0.13.0 Beta 3, there is a reflected cross-site scripting vulnerability in any API endpoints reliant on the / base path as values provided for the path are not sanitized. Exploiting this vulnerability requires the attacker to both...

CVE-2025-62382

Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Prior to 0.16.2, Frigate's export workflow allows an authenticated operator to nominate any filesystem location as the thumbnail source for a video export. Because that path is copied verbatim into the...

CVE-2025-62382 Frigate Vulnerable to Arbitrary File Read via Export Thumbnail "image_path" parameter

Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Prior to 0.16.2, Frigate's export workflow allows an authenticated operator to nominate any filesystem location as the thumbnail source for a video export. Because that path is copied verbatim into the...

Frigate Code Issue Vulnerability

Frigate is a complete local NVR designed for home assistants with AI object detection by Blake Blackshear Personal Developer. A code issue vulnerability exists in versions prior to Frigate 0.13.0 Beta 3 that stems from the presence of an insecure deserialization vulnerability that could lead to...

PT-2023-29641 · Frigate · Frigate

Name of the Vulnerable Software and Affected Versions: Frigate versions prior to 0.13.0 Beta 3 Description: Frigate is an open source network video recorder. An unsafe deserialization vulnerability was identified in the endpoints used to save configurations for Frigate, which can lead to...

Frigate 3.36.0.9 - 'Command Line' Local Buffer Overflow (SEH) (PoC)

Exploit Title: Frigate 3.36.0.9 - 'Command Line' Local Buffer Overflow SEH PoC Vendor Homepage: http://www.frigate3.com/ Software Link Download: http://www.frigate3.com/download/frigate3pro.exe Exploit Author: Paras Bhatia Discovery Date: 2020-06-07 Vulnerable Software: Frigate Version: "Command...