CVE•Published 2025-10-03•Modified 2026-07-05•1 article on news•6 live references•NVD data
CVE-2025-60787Motioneye_project · Motioneye
Vulnerability data via NVD (ingested)
CVSS v3.1
7.2
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS percentile
98
Exploit Prediction Scoring System · top 2% of all CVEs
Weaknesses (CWE)
Description
MotionEye v0.43.1b4 and before is vulnerable to OS Command Injection in configuration parameters such as image_file_name. Unsanitized user input is written to Motion configuration files, allowing remote authenticated attackers with admin access to achieve code execution when Motion is restarted.
Timeline
Published 2025-10-03
Modified 2026-07-05
External references
Search for exposed instances
Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).
Shodan · vuln tag0 hosts
vuln:CVE-2025-60787Hosts Shodan has explicitly fingerprinted as vulnerable.
Shodan · product + version
product:"Motioneye Project Motioneye" version:"0.42.1"Version-pinned fingerprint from NVD's first vulnerable CPE.
Shodan · banner/body mention
http.html:"Motioneye"HTTP body or banner mentions "Motioneye" — catches deploys Shodan didn't identify as a product.
More intel sources (5)
Shodan report
vuln:CVE-2025-60787Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2025-60787Censys host search filtered to this CVE id.
grep.app
CVE-2025-60787Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2025-60787GitHub code search for direct mentions.
Google dork
"CVE-2025-60787" exploit -site:nvd.nist.govWrite-ups and news, NVD excluded.
Known PoCs on GitHub (8)
CVE-2025-607878 repos
gunzf0x/CVE-2025-60787Python
PoC for CVE-2025-60787 - Authenticated RCE in motionEye for all versions up to 0.43.1b4 (included)
herzklug/CCTVunknown
lil0xplorer/CVE-2025-60787_PoCPython
anxs3c/Machinesunknown
Linux, Windows, Active Directory, and OT/ICS machines writeups
Rohitberiwala/CVE-2025-60787-MotionEye-RCEPython
Professional PoC for CVE-2025-60787: Remote Code Execution in MotionEye (<= 0.43.1b4). This exploit demonstrates an OS Command Injection vulnerability through client-side validatio…
galletitaconpate/CVEsPython
GarethMSheldon/GarethMSheldonunknown
skyejacobson/CCTV_HTBShell
Personal writeup of the seasonal CCTV Hack The Box machine