CVE-2021-44255

HIGH

MotionEye <= 0.42.1 and MotionEyeOS <= 20200606 - Authenticated Remote Code Execution via Malicious Configuration Backup

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-44255. PoCs published by pizza-power.

AI-analyzed exploit summary This exploit leverages authenticated RCE in MotionEye/MotionEyeOS by uploading a malicious tasks.pickle file via a backup/restore mechanism. It requires admin credentials and exploits insecure deserialization to execute arbitrary commands.

Description

Authenticated remote code execution in MotionEye <= 0.42.1 and MotioneEyeOS <= 20200606 allows a remote attacker to upload a configuration backup file containing a malicious python pickle file which will execute arbitrary code on the server.

Exploits (1)

nomisec WORKING POC 1 stars
by pizza-power · poc
https://github.com/pizza-power/motioneye-authenticated-RCE

This exploit leverages authenticated RCE in MotionEye/MotionEyeOS by uploading a malicious tasks.pickle file via a backup/restore mechanism. It requires admin credentials and exploits insecure deserialization to execute arbitrary commands.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: MotionEye/MotionEyeOS
Auth required
Prerequisites: Administrator credentials · Network access to the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Issue Tracking, Third Party Advisory x_refsource_misc
https://github.com/ccrisan/motioneyeos/issues/2843

Scores

CVSS v3 7.2
EPSS 0.1364
EPSS Percentile 94.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-306
Status published
Products (3)
motioneye_project/motioneye < 0.42.1
motioneyeos_project/motioneyeos < 20200606
pypi/motioneye 0PyPI
Published Jan 31, 2022
Tracked Since Feb 18, 2026