GHSA-M2C7-42RF-C62F Unrestricted Upload of File with Dangerous Type in motionEye

motionEye = 0.42.1 and motioneEyeOS = 20200606 allow a remote attacker to upload a configuration backup file containing a malicious python pickle file. This is possible when an installation is accessible over the Internet and uses no or poor authentication credentials. The GitHub repositories for...

Unrestricted Upload of File with Dangerous Type in motionEye

motionEye = 0.42.1 and motioneEyeOS = 20200606 allow a remote attacker to upload a configuration backup file containing a malicious python pickle file. This is possible when an installation is accessible over the Internet and uses no or poor authentication credentials. The GitHub repositories for...

CVE-2021-44255

MotionEye (≤ 0.42.1) and MotionEyeOS (≤ 20200606) expose an authenticated RCE via uploading a configuration backup containing a malicious Python pickle. This allows a remote attacker to execute arbitrary code on the server when the installation is reachable over the Internet with weak/absent auth...

motionEyeOS和MotionEye-Project MotionEye 访问控制错误漏洞

Both motionEyeOS and MotionEye-Project MotionEye are products of Calin Crisan, an individual developer. motionEyeOS is a video surveillance operating system for single-board computers. motionEye-Project MotionEye is a web-based motion front-end. An access control error vulnerability exists in...