ZoneMinder prior to 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zoneminder zoneminder |