4 matches found
Unrestricted Upload of File with Dangerous Type in motionEye
motionEye = 0.42.1 and motioneEyeOS = 20200606 allow a remote attacker to upload a configuration backup file containing a malicious python pickle file. This is possible when an installation is accessible over the Internet and uses no or poor authentication credentials. The GitHub repositories for...
GHSA-M2C7-42RF-C62F Unrestricted Upload of File with Dangerous Type in motionEye
motionEye = 0.42.1 and motioneEyeOS = 20200606 allow a remote attacker to upload a configuration backup file containing a malicious python pickle file. This is possible when an installation is accessible over the Internet and uses no or poor authentication credentials. The GitHub repositories for...
CVE-2021-44255
MotionEye (≤ 0.42.1) and MotionEyeOS (≤ 20200606) expose an authenticated RCE via uploading a configuration backup containing a malicious Python pickle. This allows a remote attacker to execute arbitrary code on the server when the installation is reachable over the Internet with weak/absent auth...
motionEyeOS和MotionEye-Project MotionEye 访问控制错误漏洞
Both motionEyeOS and MotionEye-Project MotionEye are products of Calin Crisan, an individual developer. motionEyeOS is a video surveillance operating system for single-board computers. motionEye-Project MotionEye is a web-based motion front-end. An access control error vulnerability exists in...