CVE-2017-5595

Name of the Vulnerable Software and Affected Versions ZoneMinder versions 1.x through 1.30.0

Description A file disclosure and inclusion issue exists due to unfiltered user-input being passed to the readfile() function, allowing an authenticated attacker to read local system files, such as /etc/passwd, in the context of the web server user (www-data). The attack vector involves a .. (dot dot) in the path parameter within a zm/index.php?view=file&path= request.

Recommendations For ZoneMinder versions 1.x through 1.30.0, consider restricting access to the file.php view until a patch is available. As a temporary workaround, avoid using the path parameter in the affected API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.