Two Sinks, One Shell: OS Command Injection in ZoneMinder
ZoneMinder's event export concatenates monitor names directly into shell commands. One unsanitized source, two exec() sinks, and a payload that someone else can trigger for you.
I investigato
vulnerability-research php command-injection zoneminder rce