Zoneminder · Zoneminder · CVE-2017-5595
**Name of the Vulnerable Software and Affected Versions**
ZoneMinder versions 1.x through 1.30.0
**Description**
A file disclosure and inclusion issue exists due to unfiltered user-input being passed to the `readfile()` function, allowing an authenticated attacker to read local system files, such as `/etc/passwd`, in the context of the web server user (`www-data`). The attack vector involves a `..` (dot dot) in the `path` parameter within a `zm/index.php?view=file&path=` request.
**Recommendations**
For ZoneMinder versions 1.x through 1.30.0, consider restricting access to the `file.php` view until a patch is available. As a temporary workaround, avoid using the `path` parameter in the affected API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.