CVE-2008-3882

EPSS 4.7%

Published: 9/2/2008Modified: 4/28/2026

Description

Unspecified "Command Injection" vulnerability in ZoneMinder 1.23.3 and earlier allows remote attackers to execute arbitrary commands via (1) the executeFilter function in zm_html_view_events.php and (2) the run_state parameter to zm_html_view_state.php.

Affected packages (1)

Debian/zoneminderfrom 0, < 1.24.1-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-3882