Frigate
CVE-2023-45670
MEDIUM
Severity by source
AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
Frigate is an open source network video recorder. Prior to version 0.13.0 Beta 3, the config/save and config/set endpoints of Frigate do not implement any CSRF protection. This makes it possible for a request sourced from another site to update the configuration of the Frigate server (e.g. via "drive-by" attack). Exploiting this vulnerability requires the attacker to both know very specific information about a user's Frigate server and requires an authenticated user to be tricked into clicking a specially crafted link to their Frigate instance. This vulnerability could exploited by an attacker under the following circumstances: Frigate publicly exposed to the internet (even with authentication); attacker knows the address of a user's Frigate instance; attacker crafts a specialized page which links to the user's Frigate instance; attacker finds a way to get an authenticated user to visit their specialized page and click the button/link. This issue can lead to arbitrary configuration updates for the Frigate server, resulting in denial of service and possible data exfiltration. Version 0.13.0 Beta 3 contains a patch.
AnalysisAI
Frigate is an open source network video recorder. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as Cross-Site Request Forgery (CSRF) (CWE-352), which allows attackers to trick authenticated users into performing unintended actions. Frigate is an open source network video recorder. Prior to version 0.13.0 Beta 3, the config/save and config/set endpoints of Frigate do not implement any CSRF protection. This makes it possible for a request sourced from another site to update the configuration of the Frigate server (e.g. via "drive-by" attack). Exploiting this vulnerability requires the attacker to both know very specific information about a user's Frigate server and requires an authenticated user to be tricked into clicking a specially crafted link to their Frigate instance. This vulnerability could exploited by an attacker under the following circumstances: Frigate publicly exposed to the internet (even with authentication); attacker knows the address of a user's Frigate instance; attacker crafts a specialized page which links to the user's Frigate instance; attacker finds a way to get an authenticated user to visit their specialized page and click the button/link. This issue can lead to arbitrary configuration updates for the Frigate server, resulting in denial of service and possible data exfiltration. Version 0.13.0 Beta 3 contains a patch. Affected products include: Frigate. Version information: version 0.13.0.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement anti-CSRF tokens, validate Origin/Referer headers, use SameSite cookie attribute.
Frigate NVR has a command injection vulnerability (CVSS 9.1) allowing authenticated attackers to execute OS commands on
Frigate is an open source network video recorder. Rated high severity (CVSS 7.5), this vulnerability is remotely exploit
Frigate versions prior to 0.17.0-beta1 contain an authentication weakness that allows any authenticated user to change a
Frigate is an open source network video recorder. Rated medium severity (CVSS 4.7), this vulnerability is remotely explo
Frigate network video recorder versions prior to 0.17.1 allow authenticated users with restricted camera access to enume
Broken access control in Frigate 0.17.0 allows authenticated non-admin users to retrieve the complete raw configuration
Frigate versions prior to 0.16.3 contain a Server-Side Request Forgery (SSRF) vulnerability in the /ffprobe endpoint tha
Same weakness CWE-352 – Cross-Site Request Forgery (CSRF)
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today