N/A

Authenticated remote code execution in MotionEye <= 0.42.1 and MotioneEyeOS <= 20200606 allows a remote attacker to upload a configuration backup file containing a malicious python pickle file which will execute arbitrary code on the server.

N/A

N/A

motionEyeOS和MotionEye-Project MotionEye 访问控制错误漏洞

motionEyeOS和MotionEye-Project MotionEye都是Calin Crisan个人开发者的产品。motionEyeOS是一种用于单板计算机的视频监控操作系统。MotionEye-Project MotionEye是一个基于网络的运动前端。 MotionEye <= 0.42.1和 motionEyeOS <= 20200606存在访问控制错误漏洞，该漏洞源于经过身份验证的远程代码执行允许远程攻击者可利用该漏洞上传包含恶意python pickle文件的配置备份文件，该文件将在服

N/A

N/A