CVE-2022-25568

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-25568

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-25568.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-25568

Aliases

Published

2022-03-24T17:15:08.410Z

Modified

2026-03-13T05:36:29.289493Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

MotionEye v0.42.1 and below allows attackers to access sensitive information via a GET request to /config/list. To exploit this vulnerability, a regular user password must be unconfigured.

References

Affected packages

Git / github.com/motioneye-project/motioneye

Affected ranges

Type

GIT

Repo

https://github.com/motioneye-project/motioneye

Events

Introduced

Last affected

acdc6644dbb0768a228d45fc2b230b779a9bc661

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "0.42.1"
        }
    ]
}

Affected versions

0.*

0.1

0.10

0.11

0.12

0.13

0.14

0.15

0.16

0.17

0.18

0.19

0.2

0.20

0.21

0.22

0.23

0.24

0.25

0.25.1

0.25.2

0.26

0.27

0.27.1

0.27.2

0.28

0.28.1

0.28.2

0.28.3

0.29

0.29.1

0.29rc1

0.29rc2

0.3

0.30

0.30rc1

0.30rc2

0.31

0.31.1

0.31.2

0.31.3

0.31.4

0.31.5

0.32

0.32.1

0.33.1

0.33.2

0.33.3

0.33.4

0.34

0.34.1

0.34rc1

0.35

0.35.1

0.35.2

0.35rc1

0.36

0.36.1

0.37

0.37.1

0.37rc1

0.38

0.38.1

0.39

0.39.1

0.39.2

0.39.3

0.4

0.40

0.40rc1

0.40rc2

0.40rc3

0.40rc4

0.40rc5

0.41

0.41rc1

0.42

0.42.1

0.5

0.6

0.7

0.8

0.9

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-25568.json"