Severity: Critical
CVSS Score: 9.8
daemonControl in includes/functions.php in ZoneMinder before 1.32.3 allows command injection via shell metacharacters.