CVE-2022-29806

ZoneMinder before 1.36.13 allows remote code execution via an invalid language. Ability to create a debug log file at an arbitrary pathname contributes to exploitability. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt