Main Vulnerability Database Exploits ID:4291 - Exploit for Path traversal in ZoneMinder - CVE-2013-0332

ID:4291 - Exploit for Path traversal in ZoneMinder - CVE-2013-0332

Published: August 11, 2020

Vulnerability identifier: #VU42984

Vulnerability risk: Medium

CVE-ID: CVE-2013-0332

CWE-ID: CWE-22

Exploitation vector: Remote access

Vulnerable software:
ZoneMinder

Link to public exploit:

https://www.exploit-db.com/exploits/17593/

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Multiple directory traversal vulnerabilities in ZoneMinder 1.24.x before 1.24.4 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) view, (2) request, or (3) action parameter.

Remediation

Install update from vendor's website.

ID:4291 - Exploit for Path traversal in ZoneMinder - CVE-2013-0332

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human