Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-65791

Опубликовано: 18 фев. 2026
Источник: nvd
CVSS3: 9.8
EPSS Низкий

Описание

ZoneMinder v1.36.34 is vulnerable to Command Injection in web/views/image.php. The application passes unsanitized user input directly to the exec() function. NOTE: this is disputed by the Supplier because there is no unsanitized user input to web/views/image.php.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:zoneminder:zoneminder:1.36.34:*:*:*:*:*:*:*

EPSS

Процентиль: 46%
0.00232
Низкий

9.8 Critical

CVSS3

Дефекты

CWE-78

Связанные уязвимости

ubuntu логотип

CVE-2025-65791

CVSS3: 9.8
ubuntu
около 1 месяца назад

ZoneMinder v1.36.34 is vulnerable to Command Injection in web/views/image.php. The application passes unsanitized user input directly to the exec() function. NOTE: this is disputed by the Supplier because there is no unsanitized user input to web/views/image.php.

debian логотип

CVE-2025-65791

CVSS3: 9.8
debian
около 1 месяца назад

ZoneMinder v1.36.34 is vulnerable to Command Injection in web/views/im ...

github логотип

GHSA-xw73-fccw-fgc4

CVSS3: 9.8
github
около 1 месяца назад

ZoneMinder v1.36.34 is vulnerable to Command Injection in web/views/image.php. The application passes unsanitized user input directly to the exec() function.

EPSS

Процентиль: 46%
0.00232
Низкий

9.8 Critical

CVSS3

Дефекты

CWE-78