CVE-2026-33125

Published: Mar 20, 2026 Last Modified: Mar 20, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 7,1

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: low

User Interaction: none

Scope: unchanged

Confidentiality: none

Integrity: low

Availability: high

Description

AI Translation Available

Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. In versions 0.16.2 and below, users with the viewer role can delete admin and low-privileged user accounts. Exploitation can lead to DoS and affect data integrity. This issue has been patched in version 0.16.3.

285

Improper Authorization

Draft

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Integrity Access Control

Potential Impacts:

Read Application Data Read Files Or Directories Modify Application Data Modify Files Or Directories Gain Privileges Or Assume Identity Execute Unauthorized Code Or Commands

Applicable Platforms

Technologies: Database Server, Not Technology-Specific, Web Server

Likelihood of Exploit: High

View CWE Details

https://github.com/blakeblackshear/frigate/releases/tag/v0.…

https://github.com/blakeblackshear/frigate/releases/tag/v0.16.3

https://github.com/blakeblackshear/frigate/security/advisor…

https://github.com/blakeblackshear/frigate/security/advisories/GHSA-vg28-83rp-8…

CVE-2026-33125

Description

Improper Authorization

Common Consequences

Applicable Platforms

Iscriviti alla newsletter