Vulnerability Description
ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, is vulnerable to CSRF (Cross Site Request Forgery) which allows a remote attack to make changes to the web application as the current logged in victim. If the victim visits a malicious web page, the attacker can silently and automatically create a new admin user within the web application for remote persistence and further attacks. The URL is /zm/index.php and sample parameters could include action=user uid=0 newUser[Username]=attacker1 newUser[Password]=Password1234 conf_password=Password1234 newUser[System]=Edit (among others).
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zoneminder | Zoneminder | 1.29.0 |
Related Weaknesses (CWE)
References
- http://seclists.org/bugtraq/2017/Feb/6ExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2017/Feb/11ExploitThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/96126
- http://seclists.org/bugtraq/2017/Feb/6ExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2017/Feb/11ExploitThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/96126
FAQ
What is CVE-2017-5368?
CVE-2017-5368 is a vulnerability with a CVSS score of 8.8 (HIGH). ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, is vulnerable to CSRF (Cross Site Request Forgery) which allows a remote attack to make changes to the web application as the cu...
How severe is CVE-2017-5368?
CVE-2017-5368 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-5368?
Check the references section above for vendor advisories and patch information. Affected products include: Zoneminder Zoneminder.