# Zoneminder Unauthenticated RCE via Snapshots (CVE-2023-26035) POC

This is a script written in Python that allows the exploitation of the **Zoneminder's** security flaw described in **CVE-2023-26035**. The system is vulnerable in versions preceding **1.36.33** and **1.37.33.**

## Usage

Clone the repository to your machine and install the dependencies using **pip** (it is recommended to use **virtualenv** to create an environment to separate these installations from global installations)

git clone
cd zoneminder-snapshots-rce-poc
pip install -r requirements.txt

The script needs the **target URL** with the **Zoneminder's** root path (like **,** or ****, the **IP** or **domain** for the target machine to connect and the **port** for the target machine to connect. Here's an example:

python3 -u -i -p 443


## References

[Unauthenticated RCE in snapshots](

[Rapid7 Vulnerability & Exploit Database ZoneMinder Snapshots Command Injection](