CVE-2022-25568
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-25568
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-25568.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-25568
- Aliases
- Published
- 2022-03-24T17:15:08Z
- Modified
- 2024-11-22T20:57:11.529333Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
MotionEye v0.42.1 and below allows attackers to access sensitive information via a GET request to /config/list. To exploit this vulnerability, a regular user password must be unconfigured.
- References
Affected packages
Git / github.com/motioneye-project/motioneye
Affected ranges
- Type
- GIT
- Repo
- https://github.com/motioneye-project/motioneye
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
0.*
0.1
0.10
0.11
0.12
0.13
0.14
0.15
0.16
0.17
0.18
0.19
0.2
0.20
0.21
0.22
0.23
0.24
0.25
0.25.1
0.25.2
0.26
0.27
0.27.1
0.27.2
0.28
0.28.1
0.28.2
0.28.3
0.29
0.29.1
0.29rc1
0.29rc2
0.3
0.30
0.30rc1
0.30rc2
0.31
0.31.1
0.31.2
0.31.3
0.31.4
0.31.5
0.32
0.32.1
0.33.1
0.33.2
0.33.3
0.33.4
0.34
0.34.1
0.34rc1
0.35
0.35.1
0.35.2
0.35rc1
0.36
0.36.1
0.37
0.37.1
0.37rc1
0.38
0.38.1
0.39
0.39.1
0.39.2
0.39.3
0.4
0.40
0.40rc1
0.40rc2
0.40rc3
0.40rc4
0.40rc5
0.41
0.41rc1
0.42
0.42.1
0.5
0.6
0.7
0.8
0.9