Vulnerabilities > Motioneye Project > Motioneye > 0.38
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-24 | CVE-2022-25568 | Insecure Default Initialization of Resource vulnerability in Motioneye Project Motioneye MotionEye v0.42.1 and below allows attackers to access sensitive information via a GET request to /config/list. | 7.5 |
| 2022-01-31 | CVE-2021-44255 | Missing Authentication for Critical Function vulnerability in multiple products Authenticated remote code execution in MotionEye <= 0.42.1 and MotioneEyeOS <= 20200606 allows a remote attacker to upload a configuration backup file containing a malicious python pickle file which will execute arbitrary code on the server. | 6.5 |