What is the CVSS score of CVE-2025-60787?

CVE-2025-60787 has a CVSS 3.1 base score of 7.2 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 66.0%.

Which versions of Motioneye are affected by CVE-2025-60787?

Organizations using MotionEye v0.43.1b4 and before face moderate risk from CVE-2025-60787, a input validation vulnerability rated CVSS 7.2.. A patch is available.

Is there a public PoC exploit available for CVE-2025-60787?

Yes, a public proof-of-concept exploit is available for CVE-2025-60787. Prioritise patching immediately. EPSS: 66.0%.

How to fix or mitigate CVE-2025-60787?

Within 24 hours: Identify all affected systems and apply vendor patches immediately. Monitor vendor channels for patch availability.

Motioneye CVE-2025-60787

EUVD-2025-32486 HIGH

Improper Input Validation (CWE-20)

2025-10-03 cve@mitre.org

GHSA-j945-qm58-4gjx

RCE Command Injection Motioneye

7.2

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

7.2 HIGH

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Patch released

Mar 31, 2026 - 21:13 nvd

Patch available

EUVD ID Assigned

Mar 13, 2026 - 19:29 euvd

EUVD-2025-32486

Analysis Generated

Mar 13, 2026 - 19:29 vuln.today

PoC Detected

Oct 10, 2025 - 16:22 vuln.today

Public exploit code

CVE Published

Oct 03, 2025 - 16:16 nvd

HIGH 7.2

DescriptionCVE.org

MotionEye v0.43.1b4 and before is vulnerable to OS Command Injection in configuration parameters such as image_file_name. Unsanitized user input is written to Motion configuration files, allowing remote authenticated attackers with admin access to achieve code execution when Motion is restarted.

AnalysisAI

MotionEye video surveillance software version 0.43.1b4 and earlier contains an authenticated OS command injection via configuration parameters such as image_file_name. Admin users can inject commands that execute when the Motion daemon restarts, achieving code execution on the surveillance server.

Technical ContextAI

MotionEye writes user-supplied configuration values (like image_file_name) directly into Motion configuration files without sanitization. When Motion restarts, the configuration values are processed by the daemon. By injecting shell metacharacters into configuration fields, an admin user can execute arbitrary commands when Motion processes the configuration.

RemediationAI

Update MotionEye to a version with input sanitization. Change default credentials. Restrict MotionEye access to VPN or trusted networks. Run MotionEye as a non-root user. Monitor for unauthorized configuration changes.

CVE-2025-60787 vulnerability details – vuln.today

Back

Motioneye CVE-2025-60787

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code