CVSS: 10.0EPSS: 79%CPEs: 2EXPL: 7CVE-2023-26035 – ZoneMinder vulnerable to Missing Authorization
https://notcve.org/view.php?id=CVE-2023-26035
25 Feb 2023 — ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution via Missing Authorization. There are no permissions check on the snapshot action, which expects an id to fetch an existing monitor but can be passed an object to create a new one instead. TriggerOn ends up calling shell_exec using the supplied Id. This issue is fixed in This issue is... • https://packetstorm.news/files/id/175675 • CWE-862: Missing Authorization •
CVSS: 9.6EPSS: 1%CPEs: 2EXPL: 1CVE-2023-26034 – ZoneMinder SQL Injection
https://notcve.org/view.php?id=CVE-2023-26034
25 Feb 2023 — ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are affected by a SQL Injection vulnerability. The (blind) SQL Injection vulnerability is present within the `filter[Query][terms][0][attr]` query string parameter of the `/zm/index.php` endpoint. A user with the View or Edit permissions of Events may execute arbitrary SQL. The resulting impact can include unauthorized data access (and mo... • https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-222j-wh8m-xjrx • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.9EPSS: 0%CPEs: 2EXPL: 0CVE-2023-26032 – ZoneMinder contains SQL injection via malicious Jason Web Token
https://notcve.org/view.php?id=CVE-2023-26032
25 Feb 2023 — ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain SQL Injection via malicious jason web token. The Username field of the JWT token was trusted when performing an SQL query to load the user. If an attacker could determine the HASH key used by ZoneMinder, they could generate a malicious JWT token and use it to execute arbitrary SQL. This issue is fixed in versions 1.36.33 and 1.37.... • https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-6c72-q9mw-mwx9 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.7EPSS: 0%CPEs: 2EXPL: 1CVE-2023-25825 – ZoneMinder contains Cross-site Scripting via log viewing
https://notcve.org/view.php?id=CVE-2023-25825
25 Feb 2023 — ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 are vulnerable to Cross-site Scripting. Log entries can be injected into the database logs, containing a malicious referrer field. This is unescaped when viewing the logs in the web ui. This issue is patched in version 1.36.33. • https://github.com/ZoneMinder/zoneminder/commit/4637eaf9ea530193e0897ec48899f5638bdd6d81 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-30768
https://notcve.org/view.php?id=CVE-2022-30768
15 Nov 2022 — A Stored Cross Site Scripting (XSS) issue in ZoneMinder 1.36.12 allows an attacker to execute HTML or JavaScript code via the Username field when an Admin (or non-Admin users that can see other users logged into the platform) clicks on Logout. NOTE: this exists in later versions than CVE-2019-7348 and requires a different attack method. Un problema de Cross Site Scripting (XSS) almacenado en ZoneMinder 1.36.12 permite a un atacante ejecutar código HTML o JavaScript a través del campo Nombre de Usuario cuand... • https://github.com/ZoneMinder/zoneminder/releases • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-30769
https://notcve.org/view.php?id=CVE-2022-30769
15 Nov 2022 — Session fixation exists in ZoneMinder through 1.36.12 as an attacker can poison a session cookie to the next logged-in user. La fijación de sesiones existe en ZoneMinder hasta la versión 1.36.12, ya que un atacante puede envenenar una cookie de sesión para el siguiente usuario que haya iniciado sesión. • https://github.com/ZoneMinder/zoneminder/releases • CWE-384: Session Fixation •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 3CVE-2022-39285 – Stored Cross-Site Scripting Vulnerability In File Parameter in zoneminder
https://notcve.org/view.php?id=CVE-2022-39285
07 Oct 2022 — ZoneMinder is a free, open source Closed-circuit television software application The file parameter is vulnerable to a cross site scripting vulnerability (XSS) by backing out of the current "tr" "td" brackets. This then allows a malicious user to provide code that will execute when a user views the specific log on the "view=log" page. This vulnerability allows an attacker to store code within the logs that will be executed when loaded by a legitimate user. These actions will be performed with the permission... • https://packetstorm.news/files/id/171498 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 1CVE-2022-39289 – Database log access in ZoneMinder
https://notcve.org/view.php?id=CVE-2022-39289
07 Oct 2022 — ZoneMinder is a free, open source Closed-circuit television software application. In affected versions the ZoneMinder API Exposes Database Log contents to user without privileges, allows insertion, modification, deletion of logs without System Privileges. Users are advised yo upgrade as soon as possible. Users unable to upgrade should disable database logging. ZoneMinder es una aplicación de software de televisión en circuito cerrado, gratuita y de código abierto. • https://github.com/ZoneMinder/zoneminder/commit/34ffd92bf123070cab6c83ad4cfe6297dd0ed0b4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-287: Improper Authentication CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 1%CPEs: 2EXPL: 3CVE-2022-39291 – Denial of service through logs in zoneminder
https://notcve.org/view.php?id=CVE-2022-39291
07 Oct 2022 — ZoneMinder is a free, open source Closed-circuit television software application. Affected versions of zoneminder are subject to a vulnerability which allows users with "View" system permissions to inject new data into the logs stored by Zoneminder. This was observed through an HTTP POST request containing log information to the "/zm/index.php" endpoint. Submission is not rate controlled and could affect database performance and/or consume all storage resources. Users are advised to upgrade. • https://packetstorm.news/files/id/171498 • CWE-20: Improper Input Validation •
CVSS: 8.0EPSS: 1%CPEs: 2EXPL: 3CVE-2022-39290 – CSRF key bypass using HTTP methods in zoneminder
https://notcve.org/view.php?id=CVE-2022-39290
07 Oct 2022 — ZoneMinder is a free, open source Closed-circuit television software application. In affected versions authenticated users can bypass CSRF keys by modifying the request supplied to the Zoneminder web application. These modifications include replacing HTTP POST with an HTTP GET and removing the CSRF key from the request. An attacker can take advantage of this by using an HTTP GET request to perform actions with no CSRF protection. This could allow an attacker to cause an authenticated user to perform unexpec... • https://packetstorm.news/files/id/171498 • CWE-287: Improper Authentication •