ID:10666 - Exploit for Input validation error in ZoneMinder - CVE-2022-39291

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:10666 - Exploit for Input validation error in ZoneMinder - CVE-2022-39291

ID:10666 - Exploit for Input validation error in ZoneMinder - CVE-2022-39291

Published: October 25, 2024


Vulnerability identifier: #VU68391
Vulnerability risk: Low
CVE-ID: CVE-2022-39291
CWE-ID: CWE-20
Exploitation vector: Remote access
Vulnerable software:
ZoneMinder

Link to public exploit:


Vulnerability description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input in the /zm/index.php endpoint. A remote user can pass specially crafted input to the application and perform a denial of service (DoS) attack.


Remediation

Install updates from vendor's website.