CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-0232

includes/functions.php in ZoneMinder Video Server 1.24.0, 1.25.0, and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) runState parameter in the packageControl function; or (2) key or (3) command parameter in the setDeviceStatusX10 function.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.782

EPSS Ranking 99.0%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2013-0232

Zoneminder » Zoneminder » Version: 1.24.0

cpe:2.3:a:zoneminder:zoneminder:1.24.0
Zoneminder » Zoneminder » Version: 1.24.1

cpe:2.3:a:zoneminder:zoneminder:1.24.1
Zoneminder » Zoneminder » Version: 1.24.2

cpe:2.3:a:zoneminder:zoneminder:1.24.2
Zoneminder » Zoneminder » Version: 1.24.3

cpe:2.3:a:zoneminder:zoneminder:1.24.3
Zoneminder » Zoneminder » Version: 1.24.4

cpe:2.3:a:zoneminder:zoneminder:1.24.4
Zoneminder » Zoneminder » Version: 1.25.0

cpe:2.3:a:zoneminder:zoneminder:1.25.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-0232

Products

Pricing

Contact Us