Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Database log access in ZoneMinder
Vulnerability Description
ZoneMinder is a free, open source Closed-circuit television software application. In affected versions the ZoneMinder API Exposes Database Log contents to user without privileges, allows insertion, modification, deletion of logs without System Privileges. Users are advised yo upgrade as soon as possible. Users unable to upgrade should disable database logging.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
信息暴露
Vulnerability Title
ZoneMinder 信息泄露漏洞
Vulnerability Description
ZoneMinder是一套开源的视频监控软件系统。该系统支持IP、USB和模拟摄像机等。 ZoneMinder 1.36.26及之前版本、1.37.23及之前版本存在信息泄露漏洞,该漏洞源于ZoneMinder API 向没有权限的用户公开数据库日志内容,允许在没有系统权限的情况下插入、修改、删除日志。
CVSS Information
N/A
Vulnerability Type
N/A