Описание
ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, is vulnerable to CSRF (Cross Site Request Forgery) which allows a remote attack to make changes to the web application as the current logged in victim. If the victim visits a malicious web page, the attacker can silently and automatically create a new admin user within the web application for remote persistence and further attacks. The URL is /zm/index.php and sample parameters could include action=user uid=0 newUser[Username]=attacker1 newUser[Password]=Password1234 conf_password=Password1234 newUser[System]=Edit (among others).
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | DNE | |
| cosmic | not-affected | 1.30.4+dfsg1-5 |
| devel | not-affected | 1.30.4+dfsg1-5 |
| disco | not-affected | 1.30.4+dfsg1-5 |
| eoan | not-affected | 1.30.4+dfsg1-5 |
| esm-apps/focal | not-affected | 1.30.4+dfsg1-5 |
| esm-apps/jammy | not-affected | 1.30.4+dfsg1-5 |
| esm-apps/noble | not-affected | 1.30.4+dfsg1-5 |
| esm-apps/xenial | needed |
Показывать по
Ссылки на источники
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, is vulnerable to CSRF (Cross Site Request Forgery) which allows a remote attack to make changes to the web application as the current logged in victim. If the victim visits a malicious web page, the attacker can silently and automatically create a new admin user within the web application for remote persistence and further attacks. The URL is /zm/index.php and sample parameters could include action=user uid=0 newUser[Username]=attacker1 newUser[Password]=Password1234 conf_password=Password1234 newUser[System]=Edit (among others).
ZoneMinder v1.30 and v1.29, an open-source CCTV server web application ...
ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, is vulnerable to CSRF (Cross Site Request Forgery) which allows a remote attack to make changes to the web application as the current logged in victim. If the victim visits a malicious web page, the attacker can silently and automatically create a new admin user within the web application for remote persistence and further attacks. The URL is /zm/index.php and sample parameters could include action=user uid=0 newUser[Username]=attacker1 newUser[Password]=Password1234 conf_password=Password1234 newUser[System]=Edit (among others).
6.8 Medium
CVSS2
8.8 High
CVSS3