NVD

Id
36588  
Name
CVE-2013-0232  
Description
includes/functions.php in ZoneMinder Video Server 1.24.0, 1.25.0, and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) runState parameter in the packageControl function; or (2) key or (3) command parameter in the setDeviceStatusX10 function.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-18  
Published
2013-03-20  
Modified Date
2013-08-29  
Seq
2013-0232  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
186932 36588 CVE-2013-0232 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698910  View
186933 36588 CVE-2013-0232 http://itsecuritysolutions.org/2013-01-22-ZoneMinder-Video-Server-arbitrary-command-execution-vulnerability/  View
186934 36588 CVE-2013-0232 DSA-2640  View
186935 36588 CVE-2013-0232 24310  View
186936 36588 CVE-2013-0232 [oss-security] 20130128 Re: CVE Request: zoneminder: arbitrary command execution vulnerability  View
186937 36588 CVE-2013-0232 http://www.zoneminder.com/forums/viewtopic.php?f=29&t=20771  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
20371 JVNDB-2013-001946 ZoneMinder の includes/functions.php における任意のコマンドを実行される脆弱性 ZoneMinder には、任意のコマンドを実行される脆弱性が存在します。 CVE-2013-0232 60174 CVE-2013-0232 36588 7.5 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001946.html 2013-01-25 2013-03-22 View