High severityNVD Advisory· Published Oct 3, 2025· Updated Oct 3, 2025
CVE-2025-60787
CVE-2025-60787
Description
MotionEye v0.43.1b4 and before is vulnerable to OS Command Injection in configuration parameters such as image_file_name. Unsanitized user input is written to Motion configuration files, allowing remote authenticated attackers with admin access to achieve code execution when Motion is restarted.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
motioneyePyPI | < 0.43.1b5 | 0.43.1b5 |
Affected products
2- MotionEye/MotionEyedescription
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.