CVE-2023-26035 PoC — ZoneMinder Security Vulnerability

Source
Associated Vulnerability
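Title: ZoneMinder Security Vulnerability (CVE-2023-26035)
Description: ZoneMinder is an open-source video surveillance software system. It supports IP, USB and analog cameras. ZoneMinder versions prior to 1.36.33 and versions prior to 1.37.33 contain a security vulnerability that allows unauthenticated remote code execution via missing authorization.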
Description
POC script for CVE-2023-26035 (zoneminder 1.36.32) 
Readme
# POC for CVE-2023-26035

> Works for ZoneMinder (Versions prior to 1.36.33 and 1.37.33)
- Vulnerability : Remote Code Execution (RCE)


# Usage

```bash
└─➜ python3 poc.py -h
usage: poc.py [-h] --target TARGET --cmd CMD
poc.py: error: the following arguments are required: --target, --cmd

```

## Curl 

- Before jumping to a reverse shell, try this first; if you get a hit, the service is vulnerable.

![curl](./imgs/curl.png)

## Reverse Shell

![revshell](./imgs/pwn.png)

# References : 

https://nvd.nist.gov/vuln/detail/CVE-2023-26035 <br />
https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/unix/webapp/zoneminder_snapshots.rb

## NOTE
> This script is just an alternate version of the metasploit-framework script.
File Snapshot

[4.0K] /data/pocs/22e242b3401735dabb69d933f11b6a518504d6d1
├── [4.0K] imgs
│   ├── [1.6M] curl.png
│   └── [1.6M] pwn.png
├── [2.1K] poc.py
└── [ 745] README.md

1 directory, 4 files