HIGH
Zoneminder
CVE published 2017-01-13
CVE-2016-10140
CVE-2016-10140 is an information disclosure and authentication bypass issue tied to the Apache HTTP Server configuration bundled with ZoneMinder. NVD and the CVE references describe a remote unauthenticated attacker being able to browse directories in the web root, potentially exposing CCTV images through the /events URI.