GHSA-G5MQ-PRX7-C588 motionEye vulnerable to RCE in add_camera Function Due to unsafe command execution
Summary Using a constructed camera device path with the config/add/addcamera motionEye web API allows an attacker with motionEye admin user credentials to execute any UNIX shell code within a non-interactive shell as executing user of the motionEye instance, motion by default. function call stack...