{"vulnerability": "CVE-2023-2603", "sightings": [{"uuid": "21c83e87-5a76-496d-82f5-9b8ebbd3f635", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26035", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "d7e09d3d-dad1-4325-a726-43678044e572", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26035", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:51.000000Z"}, {"uuid": "1a11a5dd-a8c9-43a3-aa1b-2e21121bc8da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26035", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/zoneminder_snapshots.rb", "content": "", "creation_timestamp": "2023-11-10T20:44:04.000000Z"}, {"uuid": "9875731a-aa05-432b-a960-2ccfe8890078", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26035", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "35d130af-6c4b-4115-aa8b-3ba550153be9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26035", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6171", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aPOC script for CVE-2023-26035 (zoneminder 1.36.32) \nURL\uff1ahttps://github.com/heapbytes/CVE-2023-26035\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-12-13T15:51:46.000000Z"}, {"uuid": "be59aa33-914b-4fb2-ade3-3ef41ebc6589", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26035", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6150", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aThis is a script written in Python that allows the exploitation of the Zoneminder's security flaw in the described in CVE-2023-26035. \nURL\uff1ahttps://github.com/m3m0o/zoneminder-snapshots-rce\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-12-12T14:49:32.000000Z"}, {"uuid": "6a1215cf-c739-4bdf-81f4-abc1d965ab57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26035", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6140", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aUnauthenticated RCE in ZoneMinder Snapshots\nURL\uff1ahttps://github.com/rvizx/CVE-2023-26035\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-12-11T20:34:28.000000Z"}, {"uuid": "cc38f4e3-05b4-42c0-aa36-ae12b69390e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26035", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6314", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aExploit for CVE-2023-26035 affecting ZoneMinder < 1.36.33 and < 1.37.33\nURL\uff1ahttps://github.com/Faelian/zoneminder_CVE-2023-26035\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-12-27T18:46:31.000000Z"}, {"uuid": "f97cb829-c199-48d8-86b0-b3e31e2b0969", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26035", "type": "published-proof-of-concept", "source": "https://t.me/Celestial_Pulse24/8477", "content": "https://github.com/rvizx/CVE-2023-26035\n\nUnauthenticated RCE in ZoneMinder Snapshots - Poc Exploit\n#github  #exploit", "creation_timestamp": "2024-09-09T19:22:48.000000Z"}, {"uuid": "9036f064-1b00-4933-becd-14c3fb01b9c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26035", "type": "published-proof-of-concept", "source": "Telegram/Qi2GcI11LtDfpKlL5x0yaUxGZkeNLUPmyGf3aIvELOEb_g", "content": "", "creation_timestamp": "2024-08-24T11:53:41.000000Z"}, {"uuid": "f0adca9a-3a77-4f4b-844b-0a34be11addd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26035", "type": "seen", "source": "https://t.me/arpsyndicate/2238", "content": "#ExploitObserverAlert\n\nCVE-2023-26035\n\nDESCRIPTION: Exploit Observer has 8 entries related to CVE-2023-26035. ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution via Missing Authorization. There are no permissions check on the snapshot action, which expects an id to fetch an existing monitor but can be passed an object to create a new one instead. TriggerOn ends up calling shell_exec using the supplied Id. This issue is fixed in This issue is fixed in versions 1.36.33 and 1.37.33.\n\nFIRST-EPSS: 0.104040000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-29T10:53:57.000000Z"}, {"uuid": "f3f7b38d-20ac-4903-b334-3b6860fbf263", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26035", "type": "seen", "source": "https://t.me/arpsyndicate/2059", "content": "#ExploitObserverAlert\n\nCVE-2023-26035\n\nDESCRIPTION: Exploit Observer has 6 entries related to CVE-2023-26035. ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution via Missing Authorization. There are no permissions check on the snapshot action, which expects an id to fetch an existing monitor but can be passed an object to create a new one instead. TriggerOn ends up calling shell_exec using the supplied Id. This issue is fixed in This issue is fixed in versions 1.36.33 and 1.37.33.\n\nFIRST-EPSS: 0.104040000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-22T17:38:07.000000Z"}, {"uuid": "3006187a-6c1b-4d27-9613-c487daf70c75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26035", "type": "seen", "source": "https://t.me/arpsyndicate/2203", "content": "#ExploitObserverAlert\n\nCVE-2023-26035\n\nDESCRIPTION: Exploit Observer has 7 entries related to CVE-2023-26035. ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution via Missing Authorization. There are no permissions check on the snapshot action, which expects an id to fetch an existing monitor but can be passed an object to create a new one instead. TriggerOn ends up calling shell_exec using the supplied Id. This issue is fixed in This issue is fixed in versions 1.36.33 and 1.37.33.\n\nFIRST-EPSS: 0.104040000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-28T06:17:49.000000Z"}, {"uuid": "f723ffc5-6474-477f-962e-1fd2c7895bad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26035", "type": "seen", "source": "https://t.me/arpsyndicate/2069", "content": "#ExploitObserverAlert\n\nPD/http/cves/2023/CVE-2023-26035\n\nDESCRIPTION: Exploit Observer has 6 entries related to PD/http/cves/2023/CVE-2023-26035. ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras.Versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution via Missing Authorization. There are no permissions check on the snapshot action, which expects an id to fetch an existing monitor but can be passed an object to create a new one instead. TriggerOn ends up calling shell_exec using the supplied Id.", "creation_timestamp": "2023-12-22T19:59:53.000000Z"}, {"uuid": "bd2e3355-8ec7-4da7-9089-802ef5c79026", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26035", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3700", "content": "https://github.com/rvizx/CVE-2023-26035\n\nUnauthenticated RCE in ZoneMinder Snapshots - Poc Exploit\n#github  #exploit", "creation_timestamp": "2023-12-20T13:43:29.000000Z"}, {"uuid": "76eae550-f92e-42c1-9188-2529638b8a0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26035", "type": "seen", "source": "https://t.me/arpsyndicate/1836", "content": "#ExploitObserverAlert\n\nCVE-2023-26035\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-26035. ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution via Missing Authorization. There are no permissions check on the snapshot action, which expects an id to fetch an existing monitor but can be passed an object to create a new one instead. TriggerOn ends up calling shell_exec using the supplied Id. This issue is fixed in This issue is fixed in versions 1.36.33 and 1.37.33.\n\nFIRST-EPSS: 0.104040000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-16T15:47:06.000000Z"}, {"uuid": "82d75a7f-59ce-419c-9e98-c30c3056ba69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26035", "type": "seen", "source": "https://t.me/arpsyndicate/1802", "content": "#ExploitObserverAlert\n\nCVE-2023-26035\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-26035. ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution via Missing Authorization. There are no permissions check on the snapshot action, which expects an id to fetch an existing monitor but can be passed an object to create a new one instead. TriggerOn ends up calling shell_exec using the supplied Id. This issue is fixed in This issue is fixed in versions 1.36.33 and 1.37.33.\n\nFIRST-EPSS: 0.134140000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-12T11:37:39.000000Z"}, {"uuid": "16289a0e-b0b5-45f9-ad22-eb2405c00add", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26035", "type": "seen", "source": "https://t.me/ctinow/159252", "content": "https://ift.tt/45YlL3r\nCVE-2023-26035 Exploit", "creation_timestamp": "2023-12-26T05:16:37.000000Z"}, {"uuid": "8dcc8791-09cd-4ed5-8e37-780789067194", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26031", "type": "seen", "source": "https://t.me/ctinow/167312", "content": "https://ift.tt/S6wH1Y2\nCVE-2023-26031 Apache Hadoop Vulnerability in NetApp Products", "creation_timestamp": "2024-01-12T15:26:31.000000Z"}, {"uuid": "71e06627-cdd5-462f-a001-624132f64aee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2603", "type": "seen", "source": "https://t.me/cibsecurity/65021", "content": "\u203c CVE-2023-2603 \u203c\n\nA vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-07T00:29:33.000000Z"}, {"uuid": "ca11bae6-9012-4be2-9d38-ea30b6ec63c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26035", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1729", "content": "https://github.com/rvizx/CVE-2023-26035\n\nUnauthenticated RCE in ZoneMinder Snapshots - Poc Exploit\n#github  #exploit", "creation_timestamp": "2023-12-20T13:19:25.000000Z"}, {"uuid": "abffe3b3-5875-4aef-8fbc-8fdd500dabbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26035", "type": "seen", "source": "https://t.me/Rootsec_2/2265", "content": "#exploit\n1. CVE-2023-36424:\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\nhttps://ssd-disclosure.com/ssd-advisory-windows-kernel-pool-clfs-sys-corruption-privilege-escalation\n\n2. CVE-2023-46818:\nISPConfig <=3.2.11 (language_edit.php) PHP Code Injection\nhttps://seclists.org/fulldisclosure/2023/Dec/2\n\n3. CVE-2023-26035:\nUnauth RCE in ZoneMinder Snapshots\nhttps://github.com/rvizx/CVE-2023-26035", "creation_timestamp": "2024-08-16T08:56:17.000000Z"}, {"uuid": "52fd9ccf-c13b-4646-ac54-fa0e60ca9b0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26035", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/9584", "content": "#exploit\n1. CVE-2023-36424:\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\nhttps://ssd-disclosure.com/ssd-advisory-windows-kernel-pool-clfs-sys-corruption-privilege-escalation\n\n2. CVE-2023-46818:\nISPConfig <=3.2.11 (language_edit.php) PHP Code Injection\nhttps://seclists.org/fulldisclosure/2023/Dec/2\n\n3. CVE-2023-26035:\nUnauth RCE in ZoneMinder Snapshots\nhttps://github.com/rvizx/CVE-2023-26035", "creation_timestamp": "2024-03-20T05:06:02.000000Z"}]}