cve/2019/CVE-2019-8427.md

CVE-2019-8427

Description

daemonControl in includes/functions.php in ZoneMinder before 1.32.3 allows command injection via shell metacharacters.

POC

Reference

• https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#includesfunctionsphp-daemoncontrol-command-injection
• https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#includesfunctionsphp-daemoncontrol-command-injection

Github

• https://github.com/ARPSyndicate/cvemon
• https://github.com/LoRexxar/LoRexxar