{"id":"CVE-2022-29806","details":"ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability.","modified":"2026-04-10T04:47:22.350575Z","published":"2022-04-26T04:15:42.487Z","references":[{"type":"ADVISORY","url":"https://forums.zoneminder.com/viewtopic.php?t=31638"},{"type":"ADVISORY","url":"https://github.com/ZoneMinder/zoneminder/releases/tag/1.36.13"},{"type":"FIX","url":"https://github.com/ZoneMinder/zoneminder/commit/9fee64b62fbdff5bf5ece1d617f1f53c7b1967cb"},{"type":"EVIDENCE","url":"https://krastanoel.com/cve/2022-29806"},{"type":"EVIDENCE","url":"http://packetstormsecurity.com/files/166980/ZoneMinder-Language-Settings-Remote-Code-Execution.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/zoneminder/zoneminder","events":[{"introduced":"0"},{"fixed":"db41e6eda5e61349085445ae6678d775a272ec2b"},{"fixed":"9fee64b62fbdff5bf5ece1d617f1f53c7b1967cb"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.36.13"}]}}],"versions":["1.32.3","1.34.0","1.36.0","1.36.1","1.36.12","1.36.2","1.36.3","1.36.4","1.36.6","1.36.7","1.36.8","1.36.9","v1.25","v1.26.0","v1.26.1","v1.26.2","v1.26.3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-29806.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}