RCE in Motioneye-project Motioneye

CVE-2025-47782

motionEye is an online interface for the software motion, a video surveillance program with motion detection. In versions 0.43.1b1 through 0.43.1b3, using a constructed (camera) device path with the `add`/`add_camera` motionEye web API all…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.004 (32.4th percentile) — read the EPSS interpretation.

Affected products

Motioneye-project Motioneye — versions >= 0.43.1b1, < 0.43.1b4

Weakness classification (CWE)

CWE-78 — OS Command Injection

References

security-advisories@github.com (x_refsource_CONFIRM)
security-advisories@github.com (x_refsource_MISC)
security-advisories@github.com (x_refsource_MISC)