Product
Unauthenticated attackers can exploit a path traversal vulnerability in motionEye versions prior to 0.44.0 to read the application's configuration file, steal the admin SHA-1 password hash, and achieve full administrative access, leading to remote code execution.