Unrated severityNVD Advisory· Published Apr 26, 2022· Updated Aug 3, 2024
CVE-2022-29806
CVE-2022-29806
Description
ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <1.36.13
Patches
Vulnerability mechanics
References
5- packetstormsecurity.com/files/166980/ZoneMinder-Language-Settings-Remote-Code-Execution.htmlmitrex_refsource_MISC
- forums.zoneminder.com/viewtopic.phpmitrex_refsource_MISC
- github.com/ZoneMinder/zoneminder/commit/9fee64b62fbdff5bf5ece1d617f1f53c7b1967cbmitrex_refsource_MISC
- github.com/ZoneMinder/zoneminder/releases/tag/1.36.13mitrex_refsource_MISC
- krastanoel.com/cve/2022-29806mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.