Axis 700 Network Scanner does not properly restrict access to administrator URLs, which allows users to bypass the password protection via a .. (dot dot) attack.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | 700_network_document_server | 1.10 |
| axis | 700_network_document_server | 1.12 |
| axis | 700_network_document_server | 1.14 |
| axis | 700_network_document_server | 1.0 |
| axis | 700_network_document_server | 1.11 |
| axis | 700_network_document_server | 1.13 |
Axis StorPoint CD allows remote attackers to access administrator URLs without authentication via a .. (dot dot) attack.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | storpoint_cd | * |
Axis network camera 2120, 2110, 2100, 200+ and 200 contains a default administration password "pass", which allows remote attackers to gain access to the camera.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | 2100_network_camera | * |
| axis | neteye_200+ | * |
| axis | 2120_network_camera | * |
| axis | 2110_network_camera | * |
| axis | neteye_200 | * |
The web-based administration capability for various Axis Network Camera products allows remote attackers to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash).
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | 2460_network_dvr | * |
| axis | 2130_ptz_network_camera | * |
| axis | 2420_network_camera | * |
| axis | 2400_video_server | * |
| axis | 2100_network_camera | * |
| axis | 250s_video_server | * |
| axis | 2401_video_server | * |
| axis | 2120_network_camera | * |
| axis | 2110_network_camera | * |
AXIS 2400 Video Server 2.00 through 2.33 allows remote attackers to obtain sensitive information via an HTTP request to /support/messages, which displays the server's /var/log/messages file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | 2400_video_server | 2.32 |
| axis | 2401_video_server | 2.31 |
| axis | 2400_video_server | 2.20 |
| axis | 2401_video_server | 2.20 |
| axis | 2400_video_server | 2.0 |
| axis | 2400_video_server | 2.31 |
| axis | 2400_video_server | 2.33 |
| axis | 2401_video_server | 2.32 |
| axis | 2401_video_server | 2.33 |
Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| dnrd | dnrd | 2.5 |
| dnrd | dnrd | 2.1 |
| posadis | posadis | 0.60.1 |
| qbik | wingate | 6.0.1_build_993 |
| dnrd | dnrd | 2.3 |
| delegate | delegate | 7.7.0 |
| maradns | maradns | 0.8.05 |
| delegate | delegate | 8.9.1 |
| delegate | delegate | 7.8.2 |
| maradns | maradns | 0.5.29 |
| dnrd | dnrd | 2.6 |
| posadis | posadis | m5pre1 |
| axis | 2120_network_camera | 2.41 |
| posadis | posadis | 0.50.8 |
| axis | 2100_network_camera | 2.01 |
| axis | 2100_network_camera | 2.30 |
| axis | 2420_network_camera | 2.33 |
| delegate | delegate | 7.8.0 |
| axis | 2100_network_camera | 2.33 |
| axis | 2100_network_camera | 2.03 |
| posadis | posadis | 0.50.5 |
| delegate | delegate | 8.9.3 |
| axis | 2460_network_dvr | 3.12 |
| axis | 2420_network_camera | 2.12 |
| maradns | maradns | 0.5.28 |
| delegate | delegate | 8.3.4 |
| axis | 2100_network_camera | 2.32 |
| posadis | posadis | 0.50.4 |
| don_moore | mydns | 0.8 |
| axis | 2100_network_camera | 2.31 |
| axis | 2100_network_camera | 2.02 |
| delegate | delegate | 8.5.0 |
| axis | 2401_video_server | 3.12 |
| qbik | wingate | 3.0 |
| axis | 2420_network_camera | 2.32 |
| axis | 2420_network_camera | 2.40 |
| axis | 2110_network_camera | 2.12 |
| axis | 2400_video_server | 3.11 |
| dnrd | dnrd | 1.4 |
| axis | 2420_network_camera | 2.41 |
| axis | 2420_network_camera | 2.34 |
| delegate | delegate | 8.3.3 |
| axis | 2120_network_camera | 2.31 |
| dnrd | dnrd | 1.3 |
| dnrd | dnrd | 2.8 |
| qbik | wingate | 6.0 |
| axis | 2100_network_camera | 2.41 |
| axis | 2120_network_camera | 2.30 |
| axis | 2120_network_camera | 2.40 |
| axis | 2110_network_camera | 2.40 |
| axis | 2110_network_camera | 2.31 |
| dnrd | dnrd | 2.0 |
| delegate | delegate | 8.4.0 |
| delegate | delegate | 7.7.1 |
| posadis | posadis | 0.50.7 |
| posadis | posadis | 0.50.6 |
| don_moore | mydns | 0.6 |
| maradns | maradns | 0.5.30 |
| delegate | delegate | 8.9.4 |
| qbik | wingate | 4.0.1 |
| dnrd | dnrd | 1.0 |
| dnrd | dnrd | 1.2 |
| dnrd | dnrd | 2.9 |
| qbik | wingate | 6.0.1_build_995 |
| dnrd | dnrd | 2.10 |
| dnrd | dnrd | 1.1 |
| don_moore | mydns | 0.7 |
| delegate | delegate | 8.9.2 |
| delegate | delegate | 8.9.5 |
| posadis | posadis | m5pre2 |
| axis | 2400_video_server | 3.12 |
| axis | 2100_network_camera | 2.0 |
| don_moore | mydns | 0.10.0 |
| posadis | posadis | 0.50.9 |
| axis | 2110_network_camera | 2.41 |
| pliant | pliant_dns_server | * |
| posadis | posadis | 0.60.0 |
| axis | 2110_network_camera | 2.32 |
| axis | 2120_network_camera | 2.32 |
| axis | 2120_network_camera | 2.34 |
| maradns | maradns | 0.5.31 |
| axis | 2420_network_camera | 2.31 |
| qbik | wingate | 4.1_beta_a |
| delegate | delegate | 7.8.1 |
| team_johnlong | raidendnsd | * |
| axis | 2100_network_camera | 2.34 |
| dnrd | dnrd | 2.2 |
| axis | 2110_network_camera | 2.34 |
| dnrd | dnrd | 2.7 |
| axis | 2100_network_camera | 2.40 |
| delegate | delegate | 7.9.11 |
| dnrd | dnrd | 2.4 |
| axis | 2100_network_camera | 2.12 |
| axis | 2110_network_camera | 2.30 |
| don_moore | mydns | 0.9 |
| delegate | delegate | 8.9 |
| axis | 2420_network_camera | 2.30 |
| axis | 2120_network_camera | 2.12 |
Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to execute arbitrary commands via accent (`) and possibly other shell metacharacters in the query string to virtualinput.cgi.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | 2120_network_camera | 2.31 |
| axis | 2420_video_server | 2.32 |
| axis | 2400_video_server | 2.32 |
| axis | 2490_serial_server | 2.11.3 |
| axis | 2400_video_server | 2.20 |
| axis | 2130_ptz_network_camera | 2.32 |
| axis | 2400_video_server | 2.31 |
| axis | 2100_network_camera | 2.41 |
| axis | 2120_network_camera | 2.30 |
| axis | 2120_network_camera | 2.40 |
| axis | 2400_video_server | 1.15 |
| axis | 2110_network_camera | 2.40 |
| axis | 2401_video_server | 2.34 |
| axis | 2401_video_server | 3.13 |
| axis | 2110_network_camera | 2.31 |
| axis | 250s_video_server | * |
| axis | 2401_video_server | 2.30 |
| axis | 2490_serial_server | * |
| axis | 2460_network_dvr | 3.11 |
| axis | 2460_network_dvr | 3.10 |
| axis | 2420_video_server | 2.34 |
| axis | 2400_video_server | 1.1 |
| axis | 2401_video_server | 1.0_1 |
| axis | 2120_network_camera | 2.41 |
| axis | 2400_video_server | 3.12 |
| axis | 2100_network_camera | 2.30 |
| axis | 2400_video_server | 2.34 |
| axis | 2110_network_camera | 2.41 |
| axis | 2420_network_camera | 2.33 |
| axis | 2100_network_camera | 2.33 |
| axis | 250s_video_server | 3.03 |
| axis | 2400_video_server | 2.33 |
| axis | 2110_network_camera | 2.32 |
| axis | 2120_network_camera | 2.32 |
| axis | 2420_network_camera | 2.12 |
| axis | 2120_network_camera | 2.34 |
| axis | 230_mpeg2_video_server | 3.11 |
| axis | 2400_video_server | 1.2 |
| axis | 2100_network_camera | 2.32 |
| axis | 2130_ptz_network_camera | 2.30 |
| axis | 2420_network_camera | 2.31 |
| axis | 2130_ptz_network_camera | 2.40 |
| axis | 2401_video_server | 1.15 |
| axis | 2411_video_server | 3.12 |
| axis | 2401_video_server | 2.33 |
| axis | 2400_video_server | 1.12 |
| axis | 2100_network_camera | 2.31 |
| axis | 2100_network_camera | 2.34 |
| axis | 2401_video_server | 2.20 |
| axis | 2400_video_server | 2.0 |
| axis | 2401_video_server | 3.12 |
| axis | 2411_video_server | 3.13 |
| axis | 2110_network_camera | 2.34 |
| axis | 2420_network_camera | 2.32 |
| axis | 2460_network_dvr | * |
| axis | 2420_network_camera | 2.40 |
| axis | 2100_network_camera | 2.40 |
| axis | 2130_ptz_network_camera | 2.31 |
| axis | 2110_network_camera | 2.12 |
| axis | 2400_video_server | 3.11 |
| axis | 2420_network_camera | 2.41 |
| axis | storpoint_cd | * |
| axis | 2130_ptz_network_camera | 2.34 |
| axis | 2100_network_camera | 2.12 |
| axis | 2400_video_server | 1.11 |
| axis | 2110_network_camera | 2.30 |
| axis | 2420_network_camera | 2.34 |
| axis | 2400_video_server | 1.10 |
| axis | 2401_video_server | 2.31 |
| axis | 250s_video_server | 3.10 |
| axis | 2400_video_server | 2.30 |
| axis | 2401_video_server | 2.32 |
| axis | 2420_network_camera | 2.30 |
| axis | 2120_network_camera | 2.12 |
Directory traversal vulnerability in Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to bypass authentication via a .. (dot dot) in an HTTP POST request to ServerManager.srv, then use these privileges to conduct other activities, such as modifying files using editcgi.cgi.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | 2120_network_camera | 2.31 |
| axis | 2420_video_server | 2.32 |
| axis | 2400_video_server | 2.32 |
| axis | 2490_serial_server | 2.11.3 |
| axis | 2400_video_server | 2.20 |
| axis | 2130_ptz_network_camera | 2.32 |
| axis | 2400_video_server | 2.31 |
| axis | 2100_network_camera | 2.41 |
| axis | 2120_network_camera | 2.30 |
| axis | 2120_network_camera | 2.40 |
| axis | 2400_video_server | 1.15 |
| axis | 2110_network_camera | 2.40 |
| axis | 2401_video_server | 2.34 |
| axis | 2401_video_server | 3.13 |
| axis | 2110_network_camera | 2.31 |
| axis | 250s_video_server | * |
| axis | 2401_video_server | 2.30 |
| axis | 2490_serial_server | * |
| axis | 2460_network_dvr | 3.11 |
| axis | 2460_network_dvr | 3.10 |
| axis | 2420_video_server | 2.34 |
| axis | 2400_video_server | 1.1 |
| axis | 2401_video_server | 1.0_1 |
| axis | 2120_network_camera | 2.41 |
| axis | 2400_video_server | 3.12 |
| axis | 2100_network_camera | 2.30 |
| axis | 2400_video_server | 2.34 |
| axis | 2110_network_camera | 2.41 |
| axis | 2420_network_camera | 2.33 |
| axis | 2100_network_camera | 2.33 |
| axis | 250s_video_server | 3.03 |
| axis | 2400_video_server | 2.33 |
| axis | 2110_network_camera | 2.32 |
| axis | 2120_network_camera | 2.32 |
| axis | 2420_network_camera | 2.12 |
| axis | 2120_network_camera | 2.34 |
| axis | 230_mpeg2_video_server | 3.11 |
| axis | 2400_video_server | 1.2 |
| axis | 2100_network_camera | 2.32 |
| axis | 2130_ptz_network_camera | 2.30 |
| axis | 2420_network_camera | 2.31 |
| axis | 2130_ptz_network_camera | 2.40 |
| axis | 2401_video_server | 1.15 |
| axis | 2411_video_server | 3.12 |
| axis | 2401_video_server | 2.33 |
| axis | 2400_video_server | 1.12 |
| axis | 2100_network_camera | 2.31 |
| axis | 2100_network_camera | 2.34 |
| axis | 2401_video_server | 2.20 |
| axis | 2400_video_server | 2.0 |
| axis | 2401_video_server | 3.12 |
| axis | 2411_video_server | 3.13 |
| axis | 2110_network_camera | 2.34 |
| axis | 2420_network_camera | 2.32 |
| axis | 2460_network_dvr | * |
| axis | 2420_network_camera | 2.40 |
| axis | 2100_network_camera | 2.40 |
| axis | 2130_ptz_network_camera | 2.31 |
| axis | 2110_network_camera | 2.12 |
| axis | 2400_video_server | 3.11 |
| axis | 2420_network_camera | 2.41 |
| axis | storpoint_cd | * |
| axis | 2130_ptz_network_camera | 2.34 |
| axis | 2100_network_camera | 2.12 |
| axis | 2400_video_server | 1.11 |
| axis | 2110_network_camera | 2.30 |
| axis | 2420_network_camera | 2.34 |
| axis | 2400_video_server | 1.10 |
| axis | 2401_video_server | 2.31 |
| axis | 250s_video_server | 3.10 |
| axis | 2400_video_server | 2.30 |
| axis | 2401_video_server | 2.32 |
| axis | 2420_network_camera | 2.30 |
| axis | 2120_network_camera | 2.12 |
Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to obtain sensitive information via direct requests to (1) admin/getparam.cgi, (2) admin/systemlog.cgi, (3) admin/serverreport.cgi, and (4) admin/paramlist.cgi, modify system information via (5) setparam.cgi and (6) factorydefault.cgi, or (7) cause a denial of service (reboot) via restart.cgi.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | 2120_network_camera | 2.31 |
| axis | 2420_video_server | 2.32 |
| axis | 2400_video_server | 2.32 |
| axis | 2490_serial_server | 2.11.3 |
| axis | 2400_video_server | 2.20 |
| axis | 2130_ptz_network_camera | 2.32 |
| axis | 2400_video_server | 2.31 |
| axis | 2100_network_camera | 2.41 |
| axis | 2120_network_camera | 2.30 |
| axis | 2120_network_camera | 2.40 |
| axis | 2400_video_server | 1.15 |
| axis | 2110_network_camera | 2.40 |
| axis | 2401_video_server | 2.34 |
| axis | 2401_video_server | 3.13 |
| axis | 2110_network_camera | 2.31 |
| axis | 250s_video_server | * |
| axis | 2401_video_server | 2.30 |
| axis | 2490_serial_server | * |
| axis | 2460_network_dvr | 3.11 |
| axis | 2460_network_dvr | 3.10 |
| axis | 2420_video_server | 2.34 |
| axis | 2400_video_server | 1.1 |
| axis | 2401_video_server | 1.0_1 |
| axis | 2120_network_camera | 2.41 |
| axis | 2400_video_server | 3.12 |
| axis | 2100_network_camera | 2.30 |
| axis | 2400_video_server | 2.34 |
| axis | 2110_network_camera | 2.41 |
| axis | 2420_network_camera | 2.33 |
| axis | 2100_network_camera | 2.33 |
| axis | 250s_video_server | 3.03 |
| axis | 2400_video_server | 2.33 |
| axis | 2110_network_camera | 2.32 |
| axis | 2120_network_camera | 2.32 |
| axis | 2420_network_camera | 2.12 |
| axis | 2120_network_camera | 2.34 |
| axis | 230_mpeg2_video_server | 3.11 |
| axis | 2400_video_server | 1.2 |
| axis | 2100_network_camera | 2.32 |
| axis | 2130_ptz_network_camera | 2.30 |
| axis | 2420_network_camera | 2.31 |
| axis | 2130_ptz_network_camera | 2.40 |
| axis | 2401_video_server | 1.15 |
| axis | 2411_video_server | 3.12 |
| axis | 2401_video_server | 2.33 |
| axis | 2400_video_server | 1.12 |
| axis | 2100_network_camera | 2.31 |
| axis | 2100_network_camera | 2.34 |
| axis | 2401_video_server | 2.20 |
| axis | 2400_video_server | 2.0 |
| axis | 2401_video_server | 3.12 |
| axis | 2411_video_server | 3.13 |
| axis | 2110_network_camera | 2.34 |
| axis | 2420_network_camera | 2.32 |
| axis | 2460_network_dvr | * |
| axis | 2420_network_camera | 2.40 |
| axis | 2100_network_camera | 2.40 |
| axis | 2130_ptz_network_camera | 2.31 |
| axis | 2110_network_camera | 2.12 |
| axis | 2400_video_server | 3.11 |
| axis | 2420_network_camera | 2.41 |
| axis | storpoint_cd | * |
| axis | 2130_ptz_network_camera | 2.34 |
| axis | 2100_network_camera | 2.12 |
| axis | 2400_video_server | 1.11 |
| axis | 2110_network_camera | 2.30 |
| axis | 2420_network_camera | 2.34 |
| axis | 2400_video_server | 1.10 |
| axis | 2401_video_server | 2.31 |
| axis | 250s_video_server | 3.10 |
| axis | 2400_video_server | 2.30 |
| axis | 2401_video_server | 2.32 |
| axis | 2420_network_camera | 2.30 |
| axis | 2120_network_camera | 2.12 |
The AXIS Media Control (AMC) ActiveX control (AxisMediaControlEmb.dll) 6.2.10.11 for AXIS network cameras allows remote attackers to create or overwrite arbitrary files via a file path to the (1) StartRecord, (2) SaveCurrentImage, or (3) StartRecordMedia methods.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | media_control_activex_control | 6.2.10.11 |
AXIS Communications products allow CSRF, as demonstrated by admin/pwdgrp.cgi, vaconfig.cgi, and admin/local_del.cgi.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_communications_firmware | * |
Multiple cross-site scripting (XSS) vulnerabilities in Axis network cameras.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | network_camera_firmware | - |
The devtools.sh script in AXIS network cameras allows remote authenticated users to execute arbitrary commands via shell metacharacters in the app parameter to (1) app_license.shtml, (2) app_license_custom.shtml, (3) app_index.shtml, or (4) app_params.shtml.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-77,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | network_camera_firmware | - |
AXIS Communications products with firmware through 5.80.x allow remote attackers to modify arbitrary files as root via vectors involving Open Script Editor, aka a "resource injection vulnerability."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-74,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_communications_firmware | * |
AXIS 2100 devices 2.43 have XSS via the URI, possibly related to admin/admin.shtml.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | 2100_network_camera_firmware | 2.43 |
Reflected XSS in the web administration portal on the Axis 2100 Network Camera 2.03 allows an attacker to execute arbitrary JavaScript via the conf_Layout_OwnTitle parameter to view/view.shtml. NOTE: this might overlap CVE-2007-5214.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | 2100_network_camera_firmware | 2.03 |
A vulnerability, was found in legacy Axis devices such as P3225 and M3005. This affects an unknown part of the component CGI Script. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | m3007_firmware | * |
| axis | p1204_firmware | * |
| axis | p3367_firmware | * |
| axis | m3045_firmware | * |
| axis | m3005_firmware | * |
| axis | p3225_firmware | * |
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | q3505-ve_firmware | * |
| axis | p1353_firmware | * |
| axis | m3025-ve_firmware | * |
| axis | p1357-e_firmware | * |
| axis | p3224-lve_mk_ii_firmware | * |
| axis | m3104-l_firmware | * |
| axis | p3375-lve_firmware | * |
| axis | p1427-le_firmware | * |
| axis | q3517-lve_firmware | * |
| axis | q6045-c_firmware | * |
| axis | p3367-v_firmware | * |
| axis | p1275_firmware | * |
| axis | m5014-v_firmware | * |
| axis | p3115-i_firmware | * |
| axis | q8665-le_firmware | * |
| axis | p3346-v_firmware | * |
| axis | p3224-lv_firmware | * |
| axis | q7436_blade_firmware | * |
| axis | q3504-ve_firmware | * |
| axis | p1365_mk_ii_firmware | * |
| axis | p1367_firmware | * |
| axis | m3114-r_firmware | * |
| axis | p3315-z_firmware | * |
| axis | q7411_firmware | * |
| axis | xf40-q1765_firmware | * |
| axis | p3115-z_firmware | * |
| axis | q8741-e_firmware | * |
| axis | p1365-e_mk_ii_firmware | * |
| axis | p3343_firmware | * |
| axis | p1365-e_firmware | * |
| axis | q6042-c_firmware | * |
| axis | p1428-e_firmware | * |
| axis | fa54_main_unit_firmware | * |
| axis | p3384-v_firmware | * |
| axis | q6128-e_firmware | * |
| axis | p3905-re_firmware | * |
| axis | q6055-c_firmware | * |
| axis | q8631-e_firmware | * |
| axis | p1204_firmware | * |
| axis | m3106-lve_firmware | * |
| axis | q1932-e_pt_mount_firmware | * |
| axis | q1942-e_pt_mount_firmware | * |
| axis | q3517-lv_firmware | * |
| axis | v5915_firmware | * |
| axis | q1602-e_firmware | * |
| axis | m1045-lw_firmware | * |
| axis | q7414_blade_firmware | * |
| axis | p3225-lve_firmware | * |
| axis | m3044-v_firmware | * |
| axis | companion_cube_lw_firmware | * |
| axis | m1143-l_firmware | * |
| axis | m3105-lve_firmware | * |
| axis | q1922-e_firmware | * |
| axis | p5522_firmware | * |
| axis | q8721-e_firmware | * |
| axis | q3504-v_firmware | * |
| axis | p3374-lv_firmware | * |
| axis | p3114-i_firmware | * |
| axis | q1614-e_firmware | * |
| axis | q2901-e_firmware | * |
| axis | q8741-le_firmware | * |
| axis | m1065-lw_firmware | * |
| axis | p1344-e_firmware | * |
| axis | m3106-l_mk_ii_firmware | * |
| axis | m3027-pve_firmware | * |
| axis | p3904-r_mk_ii_firmware | * |
| axis | q8642-e_firmware | * |
| axis | p1343-e_firmware | * |
| axis | companion_dome_wv_firmware | * |
| axis | companion_recorder_8ch_firmware | * |
| axis | m1065-l_firmware | * |
| axis | q1921-e_firmware | * |
| axis | m3204-v_firmware | * |
| axis | p3304_firmware | * |
| axis | p1126-z_firmware | * |
| axis | p3227-lv_firmware | * |
| axis | q1647_firmware | * |
| axis | m7016_firmware | * |
| axis | m3046-v_1.8mm_firmware | * |
| axis | p3114-z_firmware | * |
| axis | q8655-zle_firmware | * |
| axis | p3344-v_firmware | * |
| axis | q3505-sve_mk_ii_firmware | * |
| axis | p1405-e_firmware | * |
| axis | q6035-e_firmware | * |
| axis | p1343_firmware | * |
| axis | p3214-v_firmware | * |
| axis | p3301-v_firmware | * |
| axis | q1922_firmware | * |
| axis | p1344_firmware | * |
| axis | companion_eye_lve_firmware | * |
| axis | m1104_firmware | * |
| axis | f44_dual_audio_input_firmware | * |
| axis | p5544_firmware | * |
| axis | q6045-s_firmware | * |
| axis | q1931-e_pt_mount_firmware | * |
| axis | p3707-pe_firmware | * |
| axis | q8742-e_firmware | * |
| axis | m3113-r_firmware | * |
| axis | q8675-ze_firmware | * |
| axis | q6045-c_mk_ii_firmware | * |
| axis | p1448-le_firmware | * |
| axis | p3705-z_firmware | * |
| axis | p1357_firmware | * |
| axis | q1604-e_firmware | * |
| axis | m3037-pve_firmware | * |
| axis | p3225-lv_mk_ii_firmware | * |
| axis | m1054_firmware | * |
| axis | p5514-e_firmware | * |
| axis | companion_dome_v_firmware | * |
| axis | m5013-v_firmware | * |
| axis | q3515-lve_firmware | * |
| axis | p3384-ve_firmware | * |
| axis | a9188_firmware | * |
| axis | p3224-lve_firmware | * |
| axis | q3615-ve_firmware | * |
| axis | q6045_firmware | * |
| axis | p3314-z_firmware | * |
| axis | q6055-e_firmware | * |
| axis | q6045-s_mk_ii_firmware | * |
| axis | companion_cube_l_firmware | * |
| axis | q6052_firmware | * |
| axis | d201-s_xpt_q6055_firmware | * |
| axis | p1405-le_firmware | * |
| axis | q3505-v_firmware | * |
| axis | q1941-e_firmware | * |
| axis | m1114-e_firmware | * |
| axis | q6000-e_firmware | * |
| axis | p1224-e_firmware | * |
| axis | q6124-e_firmware | * |
| axis | c1004-e_firmware | * |
| axis | m5055_firmware | * |
| axis | p7224_blade_firmware | * |
| axis | p7216_firmware | * |
| axis | p3364-v_firmware | * |
| axis | q1775_firmware | * |
| axis | p3228-lve_firmware | * |
| axis | p3904-r_firmware | * |
| axis | q6044-s_firmware | * |
| axis | p3225-lve_mk_ii_firmware | * |
| axis | q6042_firmware | * |
| axis | m2025-le_firmware | * |
| axis | p1325-z_firmware | 7.10.1.1 |
| axis | m3004-v_firmware | * |
| axis | p3363-ve_firmware | * |
| axis | p1425-le_firmware | * |
| axis | q6034-c_firmware | * |
| axis | q6035-c_firmware | * |
| axis | q6054_mk_ii_firmware | * |
| axis | q6115-e_firmware | * |
| axis | q8665-e_firmware | * |
| axis | q6032-e_firmware | * |
| axis | p3224-ve_mk_ii_firmware | * |
| axis | p3301_firmware | * |
| axis | q1921_firmware | * |
| axis | m2026-le_mk_ii_firmware | * |
| axis | f41_main_unit_firmware | * |
| axis | m7010_firmware | * |
| axis | q1932-e_firmware | * |
| axis | p3915-r_firmware | * |
| axis | q8742-le_firmware | * |
| axis | p1254_firmware | * |
| axis | p1125-zl_firmware | * |
| axis | p1435-e_firmware | * |
| axis | m1034-w_firmware | * |
| axis | q6045-e_firmware | * |
| axis | q1910_firmware | * |
| axis | p1244_firmware | * |
| axis | p8514_firmware | * |
| axis | q8685-le_firmware | * |
| axis | p3225-v_mk_ii_firmware | * |
| axis | p3905-r_mk_ii_firmware | * |
| axis | p1346_firmware | * |
| axis | q8742-e_zoom_firmware | * |
| axis | m3105-l_firmware | * |
| axis | p3354_firmware | * |
| axis | c8033_firmware | * |
| axis | q6000-e_mk_ii_firmware | * |
| axis | q1605-z_firmware | * |
| axis | q1615-e_mk_ii_firmware | * |
| axis | p5512-e_firmware | * |
| axis | q7424-r_firmware | * |
| axis | q8632-e_firmware | * |
| axis | q6125-le_firmware | * |
| axis | p5534_firmware | * |
| axis | p3364-lv_firmware | * |
| axis | p5532_firmware | * |
| axis | p8524_firmware | * |
| axis | q1614_firmware | * |
| axis | p5522-e_firmware | * |
| axis | m5054_firmware | * |
| axis | q1615-e_firmware | * |
| axis | p1346-e_firmware | * |
| axis | q7424-r_mk_ii_firmware | * |
| axis | p5624-e_mk_ii_firmware | * |
| axis | q1659_firmware | * |
| axis | p3374-v_firmware | * |
| axis | c2005_firmware | * |
| axis | q1604_firmware | * |
| axis | m3048-p_firmware | * |
| axis | p1435-le_firmware | * |
| axis | m7014_firmware | * |
| axis | q3617-ve_firmware | * |
| axis | m3203-v_firmware | * |
| axis | p5512_firmware | * |
| axis | p5514_firmware | * |
| axis | p1264_firmware | * |
| axis | m3007-pv_firmware | * |
| axis | m5014_firmware | * |
| axis | q1645_firmware | * |
| axis | p1427-e_firmware | * |
| axis | xf60-q2901_firmware | * |
| axis | q7404_firmware | * |
| axis | q1602_firmware | * |
| axis | m1025_firmware | * |
| axis | p1214_firmware | * |
| axis | q3505-ve_mk_ii_firmware | * |
| axis | p3343-v_firmware | * |
| axis | m3104-lve_firmware | * |
| axis | q1775-e_firmware | * |
| axis | m1145_firmware | * |
| axis | q1635_firmware | * |
| axis | companion_bullet_le_firmware | * |
| axis | q8641-e_firmware | * |
| axis | p1425-le_mk_ii_firmware | * |
| axis | m1013_firmware | * |
| axis | p1126-zl_firmware | * |
| axis | p3314-zl_firmware | * |
| axis | q6044-e_firmware | * |
| axis | p3315-zl_firmware | * |
| axis | m3016_firmware | * |
| axis | p3346-ve_firmware | * |
| axis | p1265_firmware | * |
| axis | p1365_firmware | * |
| axis | q6114-e_firmware | * |
| axis | m3007-p_firmware | * |
| axis | p3365-ve_firmware | * |
| axis | p5635-e_mk_ii_firmware | * |
| axis | xf40-q2901_firmware | * |
| axis | q1910-e_firmware | 5.51.5 |
| axis | p3125-z_firmware | * |
| axis | m3045-v_firmware | * |
| axis | q1755-e_firmware | * |
| axis | p1367-e_firmware | * |
| axis | p3364-lve_firmware | * |
| axis | q1941-e_pt_mount_firmware | * |
| axis | p3304-v_firmware | * |
| axis | m1033-w_firmware | * |
| axis | q6042-e_firmware | * |
| axis | q6045_mk_ii_firmware | * |
| axis | p5515_firmware | * |
| axis | companion_c360_firmware | * |
| axis | p7210_firmware | * |
| axis | p3706-z_firmware | * |
| axis | m1125_firmware | * |
| axis | q6034-e_firmware | * |
| axis | m1114_firmware | * |
| axis | q3709-pve_firmware | * |
| axis | m1125-e_firmware | * |
| axis | p3905-r_firmware | * |
| axis | companion_eye_l_firmware | * |
| axis | f44_main_unit_firmware | * |
| axis | m3113-ve_firmware | * |
| axis | p1425-e_firmware | * |
| axis | a8105-e_firmware | * |
| axis | m5525-e_firmware | * |
| axis | p1364_firmware | * |
| axis | p3375-lv_firmware | * |
| axis | p3215-v_firmware | * |
| axis | p3363-v_firmware | * |
| axis | m3045-wv_firmware | * |
| axis | m3046-v_firmware | * |
| axis | f34_main_unit_firmware | * |
| axis | p3224-v_mk_ii_firmware | * |
| axis | p5635-ze_firmware | * |
| axis | q6054_firmware | * |
| axis | q1635-e_firmware | * |
| axis | q1615_mk_ii_firmware | * |
| axis | q6042-s_firmware | * |
| axis | q6055-s_firmware | * |
| axis | d2050-ve_firmware | * |
| axis | m3106-lve_mk_ii_firmware | * |
| axis | p1405-le_mk_ii_firmware | * |
| axis | p3367-ve_firmware | * |
| axis | q6055_firmware | * |
| axis | v5914_firmware | * |
| axis | xp60-q1765_firmware | * |
| axis | p1355-e_firmware | * |
| axis | q6035_firmware | * |
| axis | q6054-e_firmware | * |
| axis | m1124-e_firmware | * |
| axis | m3114-ve_firmware | * |
| axis | q8685-e_firmware | * |
| axis | a1001_firmware | * |
| axis | q1942-e_firmware | * |
| axis | m1103_firmware | * |
| axis | q6034_firmware | * |
| axis | p1354-e_firmware | * |
| axis | p5532-e_firmware | * |
| axis | p3215-ve_firmware | * |
| axis | xp40-q1765_firmware | * |
| axis | q6032_firmware | * |
| axis | q8414-lvs_firmware | * |
| axis | p3225-ve_mk_ii_firmware | * |
| axis | p3343-ve_firmware | * |
| axis | m3015_firmware | * |
| axis | a8004-v_firmware | * |
| axis | q3505-v_mk_ii_firmware | * |
| axis | q6044_firmware | * |
| axis | m2014-e_firmware | * |
| axis | q1615_firmware | * |
| axis | q7406_blade_firmware | * |
| axis | m1124_firmware | * |
| axis | q3515-lv_firmware | * |
| axis | q8742-le_zoom_firmware | * |
| axis | p1290_firmware | * |
| axis | m3204_firmware | * |
| axis | p5534-e_firmware | * |
| axis | a9161_firmware | * |
| axis | m1144-l_firmware | * |
| axis | m3203_firmware | * |
| axis | p3344_firmware | * |
| axis | q6052-e_firmware | * |
| axis | p1447-le_firmware | * |
| axis | q1755_firmware | * |
| axis | m3026-ve_firmware | * |
| axis | m7011_firmware | * |
| axis | m3106-l_firmware | * |
| axis | xp40-q1942_firmware | * |
| axis | p1364-e_firmware | * |
| axis | m1113-e_firmware | * |
| axis | p3214-ve_firmware | * |
| axis | m1145-l_firmware | * |
| axis | m1113_firmware | * |
| axis | m1004-w_firmware | * |
| axis | m2026-le_firmware | * |
| axis | q2901-e_pt_mount_firmware | * |
| axis | p3364-ve_firmware | * |
| axis | m3044-wv_firmware | * |
| axis | p3224-lv_mk_ii_firmware | * |
| axis | q3708-pve_firmware | * |
| axis | p3353_firmware | * |
| axis | p5415-e_firmware | * |
| axis | p5624-e_firmware | * |
| axis | m3047-p_firmware | * |
| axis | c3003-e_firmware | * |
| axis | p3375-v_firmware | * |
| axis | q6155-e_firmware | * |
| axis | m3024-lve_firmware | * |
| axis | p1214-e_firmware | * |
| axis | p7214_firmware | * |
| axis | p3225-lv_firmware | * |
| axis | p1347-e_firmware | * |
| axis | p1355_firmware | * |
| axis | m5013_firmware | * |
| axis | q7401_firmware | * |
| axis | p3375-ve_firmware | * |
| axis | m3014_firmware | * |
| axis | a9188-v_firmware | * |
| axis | p3227-lve_firmware | * |
| axis | q6044-c_firmware | * |
| axis | p1347_firmware | * |
| axis | q1635-z_firmware | * |
| axis | p3915-r_mk_ii_firmware | * |
| axis | m3006-v_firmware | * |
| axis | p1245_firmware | * |
| axis | companion_recorder_4ch_firmware | * |
| axis | p3365-v_firmware | * |
| axis | p5515-e_firmware | * |
| axis | p1125-z_firmware | * |
| axis | p1354_firmware | * |
| axis | p5635-e_firmware | * |
| axis | p5414-e_firmware | * |
| axis | m5065_firmware | * |
| axis | m3005-v_firmware | * |
| axis | p3344-ve_firmware | * |
| axis | p1280_firmware | * |
| axis | p1368-e_firmware | * |
| axis | q1765-le_pt_mount_firmware | * |
| axis | m1014_firmware | * |
| axis | q6032-c_firmware | * |
| axis | q6045-e_mk_ii_firmware | * |
| axis | q1931-e_firmware | * |
| axis | p1353-e_firmware | * |
| axis | q8722-e_firmware | * |
| axis | p3346_firmware | * |
| axis | q6054-e_mk_ii_firmware | * |
| axis | q1765-le_firmware | * |
| axis | p3228-lv_firmware | * |
| axis | p8513_firmware | * |
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | q3505-ve_firmware | * |
| axis | p1353_firmware | * |
| axis | m3025-ve_firmware | * |
| axis | p1357-e_firmware | * |
| axis | p3224-lve_mk_ii_firmware | * |
| axis | m3104-l_firmware | * |
| axis | p3375-lve_firmware | * |
| axis | p1427-le_firmware | * |
| axis | q3517-lve_firmware | * |
| axis | q6045-c_firmware | * |
| axis | p3367-v_firmware | * |
| axis | p1275_firmware | * |
| axis | m5014-v_firmware | * |
| axis | p3115-i_firmware | * |
| axis | q8665-le_firmware | * |
| axis | p3346-v_firmware | * |
| axis | p3224-lv_firmware | * |
| axis | q7436_blade_firmware | * |
| axis | q3504-ve_firmware | * |
| axis | p1365_mk_ii_firmware | * |
| axis | p1367_firmware | * |
| axis | m3114-r_firmware | * |
| axis | p3315-z_firmware | * |
| axis | q7411_firmware | * |
| axis | xf40-q1765_firmware | * |
| axis | p3115-z_firmware | * |
| axis | q8741-e_firmware | * |
| axis | p1365-e_mk_ii_firmware | * |
| axis | p3343_firmware | * |
| axis | p1365-e_firmware | * |
| axis | q6042-c_firmware | * |
| axis | p1428-e_firmware | * |
| axis | fa54_main_unit_firmware | * |
| axis | p3384-v_firmware | * |
| axis | q6128-e_firmware | * |
| axis | p3905-re_firmware | * |
| axis | q6055-c_firmware | * |
| axis | q8631-e_firmware | * |
| axis | p1204_firmware | * |
| axis | m3106-lve_firmware | * |
| axis | q1932-e_pt_mount_firmware | * |
| axis | q1942-e_pt_mount_firmware | * |
| axis | q3517-lv_firmware | * |
| axis | v5915_firmware | * |
| axis | q1602-e_firmware | * |
| axis | m1045-lw_firmware | * |
| axis | q7414_blade_firmware | * |
| axis | p3225-lve_firmware | * |
| axis | m3044-v_firmware | * |
| axis | companion_cube_lw_firmware | * |
| axis | m1143-l_firmware | * |
| axis | m3105-lve_firmware | * |
| axis | q1922-e_firmware | * |
| axis | p5522_firmware | * |
| axis | q8721-e_firmware | * |
| axis | q3504-v_firmware | * |
| axis | p3374-lv_firmware | * |
| axis | p3114-i_firmware | * |
| axis | q1614-e_firmware | * |
| axis | q2901-e_firmware | * |
| axis | q8741-le_firmware | * |
| axis | m1065-lw_firmware | * |
| axis | p1344-e_firmware | * |
| axis | m3106-l_mk_ii_firmware | * |
| axis | m3027-pve_firmware | * |
| axis | p3904-r_mk_ii_firmware | * |
| axis | q8642-e_firmware | * |
| axis | p1343-e_firmware | * |
| axis | companion_dome_wv_firmware | * |
| axis | companion_recorder_8ch_firmware | * |
| axis | m1065-l_firmware | * |
| axis | q1921-e_firmware | * |
| axis | m3204-v_firmware | * |
| axis | p3304_firmware | * |
| axis | p1126-z_firmware | * |
| axis | p3227-lv_firmware | * |
| axis | q1647_firmware | * |
| axis | m7016_firmware | * |
| axis | m3046-v_1.8mm_firmware | * |
| axis | p3114-z_firmware | * |
| axis | q8655-zle_firmware | * |
| axis | p3344-v_firmware | * |
| axis | q3505-sve_mk_ii_firmware | * |
| axis | p1405-e_firmware | * |
| axis | q6035-e_firmware | * |
| axis | p1343_firmware | * |
| axis | p3214-v_firmware | * |
| axis | p3301-v_firmware | * |
| axis | q1922_firmware | * |
| axis | p1344_firmware | * |
| axis | companion_eye_lve_firmware | * |
| axis | m1104_firmware | * |
| axis | f44_dual_audio_input_firmware | * |
| axis | p5544_firmware | * |
| axis | q6045-s_firmware | * |
| axis | q1931-e_pt_mount_firmware | * |
| axis | p3707-pe_firmware | * |
| axis | q8742-e_firmware | * |
| axis | m3113-r_firmware | * |
| axis | q8675-ze_firmware | * |
| axis | q6045-c_mk_ii_firmware | * |
| axis | p1448-le_firmware | * |
| axis | p3705-z_firmware | * |
| axis | p1357_firmware | * |
| axis | q1604-e_firmware | * |
| axis | m3037-pve_firmware | * |
| axis | p3225-lv_mk_ii_firmware | * |
| axis | m1054_firmware | * |
| axis | p5514-e_firmware | * |
| axis | companion_dome_v_firmware | * |
| axis | m5013-v_firmware | * |
| axis | q3515-lve_firmware | * |
| axis | p3384-ve_firmware | * |
| axis | a9188_firmware | * |
| axis | p3224-lve_firmware | * |
| axis | q3615-ve_firmware | * |
| axis | q6045_firmware | * |
| axis | p3314-z_firmware | * |
| axis | q6055-e_firmware | * |
| axis | q6045-s_mk_ii_firmware | * |
| axis | companion_cube_l_firmware | * |
| axis | q6052_firmware | * |
| axis | d201-s_xpt_q6055_firmware | * |
| axis | p1405-le_firmware | * |
| axis | q3505-v_firmware | * |
| axis | q1941-e_firmware | * |
| axis | m1114-e_firmware | * |
| axis | q6000-e_firmware | * |
| axis | p1224-e_firmware | * |
| axis | q6124-e_firmware | * |
| axis | c1004-e_firmware | * |
| axis | m5055_firmware | * |
| axis | p7224_blade_firmware | * |
| axis | p7216_firmware | * |
| axis | p3364-v_firmware | * |
| axis | q1775_firmware | * |
| axis | p3228-lve_firmware | * |
| axis | p3904-r_firmware | * |
| axis | q6044-s_firmware | * |
| axis | p3225-lve_mk_ii_firmware | * |
| axis | q6042_firmware | * |
| axis | m2025-le_firmware | * |
| axis | p1325-z_firmware | 7.10.1.1 |
| axis | m3004-v_firmware | * |
| axis | p3363-ve_firmware | * |
| axis | p1425-le_firmware | * |
| axis | q6034-c_firmware | * |
| axis | q6035-c_firmware | * |
| axis | q6054_mk_ii_firmware | * |
| axis | q6115-e_firmware | * |
| axis | q8665-e_firmware | * |
| axis | q6032-e_firmware | * |
| axis | p3224-ve_mk_ii_firmware | * |
| axis | p3301_firmware | * |
| axis | q1921_firmware | * |
| axis | m2026-le_mk_ii_firmware | * |
| axis | f41_main_unit_firmware | * |
| axis | m7010_firmware | * |
| axis | q1932-e_firmware | * |
| axis | p3915-r_firmware | * |
| axis | q8742-le_firmware | * |
| axis | p1254_firmware | * |
| axis | p1125-zl_firmware | * |
| axis | p1435-e_firmware | * |
| axis | m1034-w_firmware | * |
| axis | q6045-e_firmware | * |
| axis | q1910_firmware | * |
| axis | p1244_firmware | * |
| axis | p8514_firmware | * |
| axis | q8685-le_firmware | * |
| axis | p3225-v_mk_ii_firmware | * |
| axis | p3905-r_mk_ii_firmware | * |
| axis | p1346_firmware | * |
| axis | q8742-e_zoom_firmware | * |
| axis | m3105-l_firmware | * |
| axis | p3354_firmware | * |
| axis | c8033_firmware | * |
| axis | q6000-e_mk_ii_firmware | * |
| axis | q1605-z_firmware | * |
| axis | q1615-e_mk_ii_firmware | * |
| axis | p5512-e_firmware | * |
| axis | q7424-r_firmware | * |
| axis | q8632-e_firmware | * |
| axis | q6125-le_firmware | * |
| axis | p5534_firmware | * |
| axis | p3364-lv_firmware | * |
| axis | p5532_firmware | * |
| axis | p8524_firmware | * |
| axis | q1614_firmware | * |
| axis | p5522-e_firmware | * |
| axis | m5054_firmware | * |
| axis | q1615-e_firmware | * |
| axis | p1346-e_firmware | * |
| axis | q7424-r_mk_ii_firmware | * |
| axis | p5624-e_mk_ii_firmware | * |
| axis | q1659_firmware | * |
| axis | p3374-v_firmware | * |
| axis | c2005_firmware | * |
| axis | q1604_firmware | * |
| axis | m3048-p_firmware | * |
| axis | p1435-le_firmware | * |
| axis | m7014_firmware | * |
| axis | q3617-ve_firmware | * |
| axis | m3203-v_firmware | * |
| axis | p5512_firmware | * |
| axis | p5514_firmware | * |
| axis | p1264_firmware | * |
| axis | m3007-pv_firmware | * |
| axis | m5014_firmware | * |
| axis | q1645_firmware | * |
| axis | p1427-e_firmware | * |
| axis | xf60-q2901_firmware | * |
| axis | q7404_firmware | * |
| axis | q1602_firmware | * |
| axis | m1025_firmware | * |
| axis | p1214_firmware | * |
| axis | q3505-ve_mk_ii_firmware | * |
| axis | p3343-v_firmware | * |
| axis | m3104-lve_firmware | * |
| axis | q1775-e_firmware | * |
| axis | m1145_firmware | * |
| axis | q1635_firmware | * |
| axis | companion_bullet_le_firmware | * |
| axis | q8641-e_firmware | * |
| axis | p1425-le_mk_ii_firmware | * |
| axis | m1013_firmware | * |
| axis | p1126-zl_firmware | * |
| axis | p3314-zl_firmware | * |
| axis | q6044-e_firmware | * |
| axis | p3315-zl_firmware | * |
| axis | m3016_firmware | * |
| axis | p3346-ve_firmware | * |
| axis | p1265_firmware | * |
| axis | p1365_firmware | * |
| axis | q6114-e_firmware | * |
| axis | m3007-p_firmware | * |
| axis | p3365-ve_firmware | * |
| axis | p5635-e_mk_ii_firmware | * |
| axis | xf40-q2901_firmware | * |
| axis | q1910-e_firmware | 5.51.5 |
| axis | p3125-z_firmware | * |
| axis | m3045-v_firmware | * |
| axis | q1755-e_firmware | * |
| axis | p1367-e_firmware | * |
| axis | p3364-lve_firmware | * |
| axis | q1941-e_pt_mount_firmware | * |
| axis | p3304-v_firmware | * |
| axis | m1033-w_firmware | * |
| axis | q6042-e_firmware | * |
| axis | q6045_mk_ii_firmware | * |
| axis | p5515_firmware | * |
| axis | companion_c360_firmware | * |
| axis | p7210_firmware | * |
| axis | p3706-z_firmware | * |
| axis | m1125_firmware | * |
| axis | q6034-e_firmware | * |
| axis | m1114_firmware | * |
| axis | q3709-pve_firmware | * |
| axis | m1125-e_firmware | * |
| axis | p3905-r_firmware | * |
| axis | companion_eye_l_firmware | * |
| axis | f44_main_unit_firmware | * |
| axis | m3113-ve_firmware | * |
| axis | p1425-e_firmware | * |
| axis | a8105-e_firmware | * |
| axis | m5525-e_firmware | * |
| axis | p1364_firmware | * |
| axis | p3375-lv_firmware | * |
| axis | p3215-v_firmware | * |
| axis | p3363-v_firmware | * |
| axis | m3045-wv_firmware | * |
| axis | m3046-v_firmware | * |
| axis | f34_main_unit_firmware | * |
| axis | p3224-v_mk_ii_firmware | * |
| axis | p5635-ze_firmware | * |
| axis | q6054_firmware | * |
| axis | q1635-e_firmware | * |
| axis | q1615_mk_ii_firmware | * |
| axis | q6042-s_firmware | * |
| axis | q6055-s_firmware | * |
| axis | d2050-ve_firmware | * |
| axis | m3106-lve_mk_ii_firmware | * |
| axis | p1405-le_mk_ii_firmware | * |
| axis | p3367-ve_firmware | * |
| axis | q6055_firmware | * |
| axis | v5914_firmware | * |
| axis | xp60-q1765_firmware | * |
| axis | p1355-e_firmware | * |
| axis | q6035_firmware | * |
| axis | q6054-e_firmware | * |
| axis | m1124-e_firmware | * |
| axis | m3114-ve_firmware | * |
| axis | q8685-e_firmware | * |
| axis | a1001_firmware | * |
| axis | q1942-e_firmware | * |
| axis | m1103_firmware | * |
| axis | q6034_firmware | * |
| axis | p1354-e_firmware | * |
| axis | p5532-e_firmware | * |
| axis | p3215-ve_firmware | * |
| axis | xp40-q1765_firmware | * |
| axis | q6032_firmware | * |
| axis | q8414-lvs_firmware | * |
| axis | p3225-ve_mk_ii_firmware | * |
| axis | p3343-ve_firmware | * |
| axis | m3015_firmware | * |
| axis | a8004-v_firmware | * |
| axis | q3505-v_mk_ii_firmware | * |
| axis | q6044_firmware | * |
| axis | m2014-e_firmware | * |
| axis | q1615_firmware | * |
| axis | q7406_blade_firmware | * |
| axis | m1124_firmware | * |
| axis | q3515-lv_firmware | * |
| axis | q8742-le_zoom_firmware | * |
| axis | p1290_firmware | * |
| axis | m3204_firmware | * |
| axis | p5534-e_firmware | * |
| axis | a9161_firmware | * |
| axis | m1144-l_firmware | * |
| axis | m3203_firmware | * |
| axis | p3344_firmware | * |
| axis | q6052-e_firmware | * |
| axis | p1447-le_firmware | * |
| axis | q1755_firmware | * |
| axis | m3026-ve_firmware | * |
| axis | m7011_firmware | * |
| axis | m3106-l_firmware | * |
| axis | xp40-q1942_firmware | * |
| axis | p1364-e_firmware | * |
| axis | m1113-e_firmware | * |
| axis | p3214-ve_firmware | * |
| axis | m1145-l_firmware | * |
| axis | m1113_firmware | * |
| axis | m1004-w_firmware | * |
| axis | m2026-le_firmware | * |
| axis | q2901-e_pt_mount_firmware | * |
| axis | p3364-ve_firmware | * |
| axis | m3044-wv_firmware | * |
| axis | p3224-lv_mk_ii_firmware | * |
| axis | q3708-pve_firmware | * |
| axis | p3353_firmware | * |
| axis | p5415-e_firmware | * |
| axis | p5624-e_firmware | * |
| axis | m3047-p_firmware | * |
| axis | c3003-e_firmware | * |
| axis | p3375-v_firmware | * |
| axis | q6155-e_firmware | * |
| axis | m3024-lve_firmware | * |
| axis | p1214-e_firmware | * |
| axis | p7214_firmware | * |
| axis | p3225-lv_firmware | * |
| axis | p1347-e_firmware | * |
| axis | p1355_firmware | * |
| axis | m5013_firmware | * |
| axis | q7401_firmware | * |
| axis | p3375-ve_firmware | * |
| axis | m3014_firmware | * |
| axis | a9188-v_firmware | * |
| axis | p3227-lve_firmware | * |
| axis | q6044-c_firmware | * |
| axis | p1347_firmware | * |
| axis | q1635-z_firmware | * |
| axis | p3915-r_mk_ii_firmware | * |
| axis | m3006-v_firmware | * |
| axis | p1245_firmware | * |
| axis | companion_recorder_4ch_firmware | * |
| axis | p3365-v_firmware | * |
| axis | p5515-e_firmware | * |
| axis | p1125-z_firmware | * |
| axis | p1354_firmware | * |
| axis | p5635-e_firmware | * |
| axis | p5414-e_firmware | * |
| axis | m5065_firmware | * |
| axis | m3005-v_firmware | * |
| axis | p3344-ve_firmware | * |
| axis | p1280_firmware | * |
| axis | p1368-e_firmware | * |
| axis | q1765-le_pt_mount_firmware | * |
| axis | m1014_firmware | * |
| axis | q6032-c_firmware | * |
| axis | q6045-e_mk_ii_firmware | * |
| axis | q1931-e_firmware | * |
| axis | p1353-e_firmware | * |
| axis | q8722-e_firmware | * |
| axis | p3346_firmware | * |
| axis | q6054-e_mk_ii_firmware | * |
| axis | q1765-le_firmware | * |
| axis | p3228-lv_firmware | * |
| axis | p8513_firmware | * |
An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | q3505-ve_firmware | * |
| axis | p1353_firmware | * |
| axis | m3025-ve_firmware | * |
| axis | p1357-e_firmware | * |
| axis | p3224-lve_mk_ii_firmware | * |
| axis | m3104-l_firmware | * |
| axis | p3375-lve_firmware | * |
| axis | p1427-le_firmware | * |
| axis | q3517-lve_firmware | * |
| axis | q6045-c_firmware | * |
| axis | p3367-v_firmware | * |
| axis | p1275_firmware | * |
| axis | m5014-v_firmware | * |
| axis | p3115-i_firmware | * |
| axis | q8665-le_firmware | * |
| axis | p3346-v_firmware | * |
| axis | p3224-lv_firmware | * |
| axis | q7436_blade_firmware | * |
| axis | q3504-ve_firmware | * |
| axis | p1365_mk_ii_firmware | * |
| axis | p1367_firmware | * |
| axis | m3114-r_firmware | * |
| axis | p3315-z_firmware | * |
| axis | q7411_firmware | * |
| axis | xf40-q1765_firmware | * |
| axis | p3115-z_firmware | * |
| axis | q8741-e_firmware | * |
| axis | p1365-e_mk_ii_firmware | * |
| axis | p3343_firmware | * |
| axis | p1365-e_firmware | * |
| axis | q6042-c_firmware | * |
| axis | p1428-e_firmware | * |
| axis | fa54_main_unit_firmware | * |
| axis | p3384-v_firmware | * |
| axis | q6128-e_firmware | * |
| axis | p3905-re_firmware | * |
| axis | q6055-c_firmware | * |
| axis | q8631-e_firmware | * |
| axis | p1204_firmware | * |
| axis | m3106-lve_firmware | * |
| axis | q1932-e_pt_mount_firmware | * |
| axis | q1942-e_pt_mount_firmware | * |
| axis | q3517-lv_firmware | * |
| axis | v5915_firmware | * |
| axis | q1602-e_firmware | * |
| axis | m1045-lw_firmware | * |
| axis | q7414_blade_firmware | * |
| axis | p3225-lve_firmware | * |
| axis | m3044-v_firmware | * |
| axis | companion_cube_lw_firmware | * |
| axis | m1143-l_firmware | * |
| axis | m3105-lve_firmware | * |
| axis | q1922-e_firmware | * |
| axis | p5522_firmware | * |
| axis | q8721-e_firmware | * |
| axis | q3504-v_firmware | * |
| axis | p3374-lv_firmware | * |
| axis | p3114-i_firmware | * |
| axis | q1614-e_firmware | * |
| axis | q2901-e_firmware | * |
| axis | q8741-le_firmware | * |
| axis | m1065-lw_firmware | * |
| axis | p1344-e_firmware | * |
| axis | m3106-l_mk_ii_firmware | * |
| axis | m3027-pve_firmware | * |
| axis | p3904-r_mk_ii_firmware | * |
| axis | q8642-e_firmware | * |
| axis | p1343-e_firmware | * |
| axis | companion_dome_wv_firmware | * |
| axis | companion_recorder_8ch_firmware | * |
| axis | m1065-l_firmware | * |
| axis | q1921-e_firmware | * |
| axis | m3204-v_firmware | * |
| axis | p3304_firmware | * |
| axis | p1126-z_firmware | * |
| axis | p3227-lv_firmware | * |
| axis | q1647_firmware | * |
| axis | m7016_firmware | * |
| axis | m3046-v_1.8mm_firmware | * |
| axis | p3114-z_firmware | * |
| axis | q8655-zle_firmware | * |
| axis | p3344-v_firmware | * |
| axis | q3505-sve_mk_ii_firmware | * |
| axis | p1405-e_firmware | * |
| axis | q6035-e_firmware | * |
| axis | p1343_firmware | * |
| axis | p3214-v_firmware | * |
| axis | p3301-v_firmware | * |
| axis | q1922_firmware | * |
| axis | p1344_firmware | * |
| axis | companion_eye_lve_firmware | * |
| axis | m1104_firmware | * |
| axis | f44_dual_audio_input_firmware | * |
| axis | p5544_firmware | * |
| axis | q6045-s_firmware | * |
| axis | q1931-e_pt_mount_firmware | * |
| axis | p3707-pe_firmware | * |
| axis | q8742-e_firmware | * |
| axis | m3113-r_firmware | * |
| axis | q8675-ze_firmware | * |
| axis | q6045-c_mk_ii_firmware | * |
| axis | p1448-le_firmware | * |
| axis | p3705-z_firmware | * |
| axis | p1357_firmware | * |
| axis | q1604-e_firmware | * |
| axis | m3037-pve_firmware | * |
| axis | p3225-lv_mk_ii_firmware | * |
| axis | m1054_firmware | * |
| axis | p5514-e_firmware | * |
| axis | companion_dome_v_firmware | * |
| axis | m5013-v_firmware | * |
| axis | q3515-lve_firmware | * |
| axis | p3384-ve_firmware | * |
| axis | a9188_firmware | * |
| axis | p3224-lve_firmware | * |
| axis | q3615-ve_firmware | * |
| axis | q6045_firmware | * |
| axis | p3314-z_firmware | * |
| axis | q6055-e_firmware | * |
| axis | q6045-s_mk_ii_firmware | * |
| axis | companion_cube_l_firmware | * |
| axis | q6052_firmware | * |
| axis | d201-s_xpt_q6055_firmware | * |
| axis | p1405-le_firmware | * |
| axis | q3505-v_firmware | * |
| axis | q1941-e_firmware | * |
| axis | m1114-e_firmware | * |
| axis | q6000-e_firmware | * |
| axis | p1224-e_firmware | * |
| axis | q6124-e_firmware | * |
| axis | c1004-e_firmware | * |
| axis | m5055_firmware | * |
| axis | p7224_blade_firmware | * |
| axis | p7216_firmware | * |
| axis | p3364-v_firmware | * |
| axis | q1775_firmware | * |
| axis | p3228-lve_firmware | * |
| axis | p3904-r_firmware | * |
| axis | q6044-s_firmware | * |
| axis | p3225-lve_mk_ii_firmware | * |
| axis | q6042_firmware | * |
| axis | m2025-le_firmware | * |
| axis | p1325-z_firmware | 7.10.1.1 |
| axis | m3004-v_firmware | * |
| axis | p3363-ve_firmware | * |
| axis | p1425-le_firmware | * |
| axis | q6034-c_firmware | * |
| axis | q6035-c_firmware | * |
| axis | q6054_mk_ii_firmware | * |
| axis | q6115-e_firmware | * |
| axis | q8665-e_firmware | * |
| axis | q6032-e_firmware | * |
| axis | p3224-ve_mk_ii_firmware | * |
| axis | p3301_firmware | * |
| axis | q1921_firmware | * |
| axis | m2026-le_mk_ii_firmware | * |
| axis | f41_main_unit_firmware | * |
| axis | m7010_firmware | * |
| axis | q1932-e_firmware | * |
| axis | p3915-r_firmware | * |
| axis | q8742-le_firmware | * |
| axis | p1254_firmware | * |
| axis | p1125-zl_firmware | * |
| axis | p1435-e_firmware | * |
| axis | m1034-w_firmware | * |
| axis | q6045-e_firmware | * |
| axis | q1910_firmware | * |
| axis | p1244_firmware | * |
| axis | p8514_firmware | * |
| axis | q8685-le_firmware | * |
| axis | p3225-v_mk_ii_firmware | * |
| axis | p3905-r_mk_ii_firmware | * |
| axis | p1346_firmware | * |
| axis | q8742-e_zoom_firmware | * |
| axis | m3105-l_firmware | * |
| axis | p3354_firmware | * |
| axis | c8033_firmware | * |
| axis | q6000-e_mk_ii_firmware | * |
| axis | q1605-z_firmware | * |
| axis | q1615-e_mk_ii_firmware | * |
| axis | p5512-e_firmware | * |
| axis | q7424-r_firmware | * |
| axis | q8632-e_firmware | * |
| axis | q6125-le_firmware | * |
| axis | p5534_firmware | * |
| axis | p3364-lv_firmware | * |
| axis | p5532_firmware | * |
| axis | p8524_firmware | * |
| axis | q1614_firmware | * |
| axis | p5522-e_firmware | * |
| axis | m5054_firmware | * |
| axis | q1615-e_firmware | * |
| axis | p1346-e_firmware | * |
| axis | q7424-r_mk_ii_firmware | * |
| axis | p5624-e_mk_ii_firmware | * |
| axis | q1659_firmware | * |
| axis | p3374-v_firmware | * |
| axis | c2005_firmware | * |
| axis | q1604_firmware | * |
| axis | m3048-p_firmware | * |
| axis | p1435-le_firmware | * |
| axis | m7014_firmware | * |
| axis | q3617-ve_firmware | * |
| axis | m3203-v_firmware | * |
| axis | p5512_firmware | * |
| axis | p5514_firmware | * |
| axis | p1264_firmware | * |
| axis | m3007-pv_firmware | * |
| axis | m5014_firmware | * |
| axis | q1645_firmware | * |
| axis | p1427-e_firmware | * |
| axis | xf60-q2901_firmware | * |
| axis | q7404_firmware | * |
| axis | q1602_firmware | * |
| axis | m1025_firmware | * |
| axis | p1214_firmware | * |
| axis | q3505-ve_mk_ii_firmware | * |
| axis | p3343-v_firmware | * |
| axis | m3104-lve_firmware | * |
| axis | q1775-e_firmware | * |
| axis | m1145_firmware | * |
| axis | q1635_firmware | * |
| axis | companion_bullet_le_firmware | * |
| axis | q8641-e_firmware | * |
| axis | p1425-le_mk_ii_firmware | * |
| axis | m1013_firmware | * |
| axis | p1126-zl_firmware | * |
| axis | p3314-zl_firmware | * |
| axis | q6044-e_firmware | * |
| axis | p3315-zl_firmware | * |
| axis | m3016_firmware | * |
| axis | p3346-ve_firmware | * |
| axis | p1265_firmware | * |
| axis | p1365_firmware | * |
| axis | q6114-e_firmware | * |
| axis | m3007-p_firmware | * |
| axis | p3365-ve_firmware | * |
| axis | p5635-e_mk_ii_firmware | * |
| axis | xf40-q2901_firmware | * |
| axis | q1910-e_firmware | 5.51.5 |
| axis | p3125-z_firmware | * |
| axis | m3045-v_firmware | * |
| axis | q1755-e_firmware | * |
| axis | p1367-e_firmware | * |
| axis | p3364-lve_firmware | * |
| axis | q1941-e_pt_mount_firmware | * |
| axis | p3304-v_firmware | * |
| axis | m1033-w_firmware | * |
| axis | q6042-e_firmware | * |
| axis | q6045_mk_ii_firmware | * |
| axis | p5515_firmware | * |
| axis | companion_c360_firmware | * |
| axis | p7210_firmware | * |
| axis | p3706-z_firmware | * |
| axis | m1125_firmware | * |
| axis | q6034-e_firmware | * |
| axis | m1114_firmware | * |
| axis | q3709-pve_firmware | * |
| axis | m1125-e_firmware | * |
| axis | p3905-r_firmware | * |
| axis | companion_eye_l_firmware | * |
| axis | f44_main_unit_firmware | * |
| axis | m3113-ve_firmware | * |
| axis | p1425-e_firmware | * |
| axis | a8105-e_firmware | * |
| axis | m5525-e_firmware | * |
| axis | p1364_firmware | * |
| axis | p3375-lv_firmware | * |
| axis | p3215-v_firmware | * |
| axis | p3363-v_firmware | * |
| axis | m3045-wv_firmware | * |
| axis | m3046-v_firmware | * |
| axis | f34_main_unit_firmware | * |
| axis | p3224-v_mk_ii_firmware | * |
| axis | p5635-ze_firmware | * |
| axis | q6054_firmware | * |
| axis | q1635-e_firmware | * |
| axis | q1615_mk_ii_firmware | * |
| axis | q6042-s_firmware | * |
| axis | q6055-s_firmware | * |
| axis | d2050-ve_firmware | * |
| axis | m3106-lve_mk_ii_firmware | * |
| axis | p1405-le_mk_ii_firmware | * |
| axis | p3367-ve_firmware | * |
| axis | q6055_firmware | * |
| axis | v5914_firmware | * |
| axis | xp60-q1765_firmware | * |
| axis | p1355-e_firmware | * |
| axis | q6035_firmware | * |
| axis | q6054-e_firmware | * |
| axis | m1124-e_firmware | * |
| axis | m3114-ve_firmware | * |
| axis | q8685-e_firmware | * |
| axis | a1001_firmware | * |
| axis | q1942-e_firmware | * |
| axis | m1103_firmware | * |
| axis | q6034_firmware | * |
| axis | p1354-e_firmware | * |
| axis | p5532-e_firmware | * |
| axis | p3215-ve_firmware | * |
| axis | xp40-q1765_firmware | * |
| axis | q6032_firmware | * |
| axis | q8414-lvs_firmware | * |
| axis | p3225-ve_mk_ii_firmware | * |
| axis | p3343-ve_firmware | * |
| axis | m3015_firmware | * |
| axis | a8004-v_firmware | * |
| axis | q3505-v_mk_ii_firmware | * |
| axis | q6044_firmware | * |
| axis | m2014-e_firmware | * |
| axis | q1615_firmware | * |
| axis | q7406_blade_firmware | * |
| axis | m1124_firmware | * |
| axis | q3515-lv_firmware | * |
| axis | q8742-le_zoom_firmware | * |
| axis | p1290_firmware | * |
| axis | m3204_firmware | * |
| axis | p5534-e_firmware | * |
| axis | a9161_firmware | * |
| axis | m1144-l_firmware | * |
| axis | m3203_firmware | * |
| axis | p3344_firmware | * |
| axis | q6052-e_firmware | * |
| axis | p1447-le_firmware | * |
| axis | q1755_firmware | * |
| axis | m3026-ve_firmware | * |
| axis | m7011_firmware | * |
| axis | m3106-l_firmware | * |
| axis | xp40-q1942_firmware | * |
| axis | p1364-e_firmware | * |
| axis | m1113-e_firmware | * |
| axis | p3214-ve_firmware | * |
| axis | m1145-l_firmware | * |
| axis | m1113_firmware | * |
| axis | m1004-w_firmware | * |
| axis | m2026-le_firmware | * |
| axis | q2901-e_pt_mount_firmware | * |
| axis | p3364-ve_firmware | * |
| axis | m3044-wv_firmware | * |
| axis | p3224-lv_mk_ii_firmware | * |
| axis | q3708-pve_firmware | * |
| axis | p3353_firmware | * |
| axis | p5415-e_firmware | * |
| axis | p5624-e_firmware | * |
| axis | m3047-p_firmware | * |
| axis | c3003-e_firmware | * |
| axis | p3375-v_firmware | * |
| axis | q6155-e_firmware | * |
| axis | m3024-lve_firmware | * |
| axis | p1214-e_firmware | * |
| axis | p7214_firmware | * |
| axis | p3225-lv_firmware | * |
| axis | p1347-e_firmware | * |
| axis | p1355_firmware | * |
| axis | m5013_firmware | * |
| axis | q7401_firmware | * |
| axis | p3375-ve_firmware | * |
| axis | m3014_firmware | * |
| axis | a9188-v_firmware | * |
| axis | p3227-lve_firmware | * |
| axis | q6044-c_firmware | * |
| axis | p1347_firmware | * |
| axis | q1635-z_firmware | * |
| axis | p3915-r_mk_ii_firmware | * |
| axis | m3006-v_firmware | * |
| axis | p1245_firmware | * |
| axis | companion_recorder_4ch_firmware | * |
| axis | p3365-v_firmware | * |
| axis | p5515-e_firmware | * |
| axis | p1125-z_firmware | * |
| axis | p1354_firmware | * |
| axis | p5635-e_firmware | * |
| axis | p5414-e_firmware | * |
| axis | m5065_firmware | * |
| axis | m3005-v_firmware | * |
| axis | p3344-ve_firmware | * |
| axis | p1280_firmware | * |
| axis | p1368-e_firmware | * |
| axis | q1765-le_pt_mount_firmware | * |
| axis | m1014_firmware | * |
| axis | q6032-c_firmware | * |
| axis | q6045-e_mk_ii_firmware | * |
| axis | q1931-e_firmware | * |
| axis | p1353-e_firmware | * |
| axis | q8722-e_firmware | * |
| axis | p3346_firmware | * |
| axis | q6054-e_mk_ii_firmware | * |
| axis | q1765-le_firmware | * |
| axis | p3228-lv_firmware | * |
| axis | p8513_firmware | * |
An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | q3505-ve_firmware | * |
| axis | p1353_firmware | * |
| axis | m3025-ve_firmware | * |
| axis | p1357-e_firmware | * |
| axis | p3224-lve_mk_ii_firmware | * |
| axis | m3104-l_firmware | * |
| axis | p3375-lve_firmware | * |
| axis | p1427-le_firmware | * |
| axis | q3517-lve_firmware | * |
| axis | q6045-c_firmware | * |
| axis | p3367-v_firmware | * |
| axis | p1275_firmware | * |
| axis | m5014-v_firmware | * |
| axis | p3115-i_firmware | * |
| axis | q8665-le_firmware | * |
| axis | p3346-v_firmware | * |
| axis | p3224-lv_firmware | * |
| axis | q7436_blade_firmware | * |
| axis | q3504-ve_firmware | * |
| axis | p1365_mk_ii_firmware | * |
| axis | p1367_firmware | * |
| axis | m3114-r_firmware | * |
| axis | p3315-z_firmware | * |
| axis | q7411_firmware | * |
| axis | xf40-q1765_firmware | * |
| axis | p3115-z_firmware | * |
| axis | q8741-e_firmware | * |
| axis | p1365-e_mk_ii_firmware | * |
| axis | p3343_firmware | * |
| axis | p1365-e_firmware | * |
| axis | q6042-c_firmware | * |
| axis | p1428-e_firmware | * |
| axis | fa54_main_unit_firmware | * |
| axis | p3384-v_firmware | * |
| axis | q6128-e_firmware | * |
| axis | p3905-re_firmware | * |
| axis | q6055-c_firmware | * |
| axis | q8631-e_firmware | * |
| axis | p1204_firmware | * |
| axis | m3106-lve_firmware | * |
| axis | q1932-e_pt_mount_firmware | * |
| axis | q1942-e_pt_mount_firmware | * |
| axis | q3517-lv_firmware | * |
| axis | v5915_firmware | * |
| axis | q1602-e_firmware | * |
| axis | m1045-lw_firmware | * |
| axis | q7414_blade_firmware | * |
| axis | p3225-lve_firmware | * |
| axis | m3044-v_firmware | * |
| axis | companion_cube_lw_firmware | * |
| axis | m1143-l_firmware | * |
| axis | m3105-lve_firmware | * |
| axis | q1922-e_firmware | * |
| axis | p5522_firmware | * |
| axis | q8721-e_firmware | * |
| axis | q3504-v_firmware | * |
| axis | p3374-lv_firmware | * |
| axis | p3114-i_firmware | * |
| axis | q1614-e_firmware | * |
| axis | q2901-e_firmware | * |
| axis | q8741-le_firmware | * |
| axis | m1065-lw_firmware | * |
| axis | p1344-e_firmware | * |
| axis | m3106-l_mk_ii_firmware | * |
| axis | m3027-pve_firmware | * |
| axis | p3904-r_mk_ii_firmware | * |
| axis | q8642-e_firmware | * |
| axis | p1343-e_firmware | * |
| axis | companion_dome_wv_firmware | * |
| axis | companion_recorder_8ch_firmware | * |
| axis | m1065-l_firmware | * |
| axis | q1921-e_firmware | * |
| axis | m3204-v_firmware | * |
| axis | p3304_firmware | * |
| axis | p1126-z_firmware | * |
| axis | p3227-lv_firmware | * |
| axis | q1647_firmware | * |
| axis | m7016_firmware | * |
| axis | m3046-v_1.8mm_firmware | * |
| axis | p3114-z_firmware | * |
| axis | q8655-zle_firmware | * |
| axis | p3344-v_firmware | * |
| axis | q3505-sve_mk_ii_firmware | * |
| axis | p1405-e_firmware | * |
| axis | q6035-e_firmware | * |
| axis | p1343_firmware | * |
| axis | p3214-v_firmware | * |
| axis | p3301-v_firmware | * |
| axis | q1922_firmware | * |
| axis | p1344_firmware | * |
| axis | companion_eye_lve_firmware | * |
| axis | m1104_firmware | * |
| axis | f44_dual_audio_input_firmware | * |
| axis | p5544_firmware | * |
| axis | q6045-s_firmware | * |
| axis | q1931-e_pt_mount_firmware | * |
| axis | p3707-pe_firmware | * |
| axis | q8742-e_firmware | * |
| axis | m3113-r_firmware | * |
| axis | q8675-ze_firmware | * |
| axis | q6045-c_mk_ii_firmware | * |
| axis | p1448-le_firmware | * |
| axis | p3705-z_firmware | * |
| axis | p1357_firmware | * |
| axis | q1604-e_firmware | * |
| axis | m3037-pve_firmware | * |
| axis | p3225-lv_mk_ii_firmware | * |
| axis | m1054_firmware | * |
| axis | p5514-e_firmware | * |
| axis | companion_dome_v_firmware | * |
| axis | m5013-v_firmware | * |
| axis | q3515-lve_firmware | * |
| axis | p3384-ve_firmware | * |
| axis | a9188_firmware | * |
| axis | p3224-lve_firmware | * |
| axis | q3615-ve_firmware | * |
| axis | q6045_firmware | * |
| axis | p3314-z_firmware | * |
| axis | q6055-e_firmware | * |
| axis | q6045-s_mk_ii_firmware | * |
| axis | companion_cube_l_firmware | * |
| axis | q6052_firmware | * |
| axis | d201-s_xpt_q6055_firmware | * |
| axis | p1405-le_firmware | * |
| axis | q3505-v_firmware | * |
| axis | q1941-e_firmware | * |
| axis | m1114-e_firmware | * |
| axis | q6000-e_firmware | * |
| axis | p1224-e_firmware | * |
| axis | q6124-e_firmware | * |
| axis | c1004-e_firmware | * |
| axis | m5055_firmware | * |
| axis | p7224_blade_firmware | * |
| axis | p7216_firmware | * |
| axis | p3364-v_firmware | * |
| axis | q1775_firmware | * |
| axis | p3228-lve_firmware | * |
| axis | p3904-r_firmware | * |
| axis | q6044-s_firmware | * |
| axis | p3225-lve_mk_ii_firmware | * |
| axis | q6042_firmware | * |
| axis | m2025-le_firmware | * |
| axis | p1325-z_firmware | 7.10.1.1 |
| axis | m3004-v_firmware | * |
| axis | p3363-ve_firmware | * |
| axis | p1425-le_firmware | * |
| axis | q6034-c_firmware | * |
| axis | q6035-c_firmware | * |
| axis | q6054_mk_ii_firmware | * |
| axis | q6115-e_firmware | * |
| axis | q8665-e_firmware | * |
| axis | q6032-e_firmware | * |
| axis | p3224-ve_mk_ii_firmware | * |
| axis | p3301_firmware | * |
| axis | q1921_firmware | * |
| axis | m2026-le_mk_ii_firmware | * |
| axis | f41_main_unit_firmware | * |
| axis | m7010_firmware | * |
| axis | q1932-e_firmware | * |
| axis | p3915-r_firmware | * |
| axis | q8742-le_firmware | * |
| axis | p1254_firmware | * |
| axis | p1125-zl_firmware | * |
| axis | p1435-e_firmware | * |
| axis | m1034-w_firmware | * |
| axis | q6045-e_firmware | * |
| axis | q1910_firmware | * |
| axis | p1244_firmware | * |
| axis | p8514_firmware | * |
| axis | q8685-le_firmware | * |
| axis | p3225-v_mk_ii_firmware | * |
| axis | p3905-r_mk_ii_firmware | * |
| axis | p1346_firmware | * |
| axis | q8742-e_zoom_firmware | * |
| axis | m3105-l_firmware | * |
| axis | p3354_firmware | * |
| axis | c8033_firmware | * |
| axis | q6000-e_mk_ii_firmware | * |
| axis | q1605-z_firmware | * |
| axis | q1615-e_mk_ii_firmware | * |
| axis | p5512-e_firmware | * |
| axis | q7424-r_firmware | * |
| axis | q8632-e_firmware | * |
| axis | q6125-le_firmware | * |
| axis | p5534_firmware | * |
| axis | p3364-lv_firmware | * |
| axis | p5532_firmware | * |
| axis | p8524_firmware | * |
| axis | q1614_firmware | * |
| axis | p5522-e_firmware | * |
| axis | m5054_firmware | * |
| axis | q1615-e_firmware | * |
| axis | p1346-e_firmware | * |
| axis | q7424-r_mk_ii_firmware | * |
| axis | p5624-e_mk_ii_firmware | * |
| axis | q1659_firmware | * |
| axis | p3374-v_firmware | * |
| axis | c2005_firmware | * |
| axis | q1604_firmware | * |
| axis | m3048-p_firmware | * |
| axis | p1435-le_firmware | * |
| axis | m7014_firmware | * |
| axis | q3617-ve_firmware | * |
| axis | m3203-v_firmware | * |
| axis | p5512_firmware | * |
| axis | p5514_firmware | * |
| axis | p1264_firmware | * |
| axis | m3007-pv_firmware | * |
| axis | m5014_firmware | * |
| axis | q1645_firmware | * |
| axis | p1427-e_firmware | * |
| axis | xf60-q2901_firmware | * |
| axis | q7404_firmware | * |
| axis | q1602_firmware | * |
| axis | m1025_firmware | * |
| axis | p1214_firmware | * |
| axis | q3505-ve_mk_ii_firmware | * |
| axis | p3343-v_firmware | * |
| axis | m3104-lve_firmware | * |
| axis | q1775-e_firmware | * |
| axis | m1145_firmware | * |
| axis | q1635_firmware | * |
| axis | companion_bullet_le_firmware | * |
| axis | q8641-e_firmware | * |
| axis | p1425-le_mk_ii_firmware | * |
| axis | m1013_firmware | * |
| axis | p1126-zl_firmware | * |
| axis | p3314-zl_firmware | * |
| axis | q6044-e_firmware | * |
| axis | p3315-zl_firmware | * |
| axis | m3016_firmware | * |
| axis | p3346-ve_firmware | * |
| axis | p1265_firmware | * |
| axis | p1365_firmware | * |
| axis | q6114-e_firmware | * |
| axis | m3007-p_firmware | * |
| axis | p3365-ve_firmware | * |
| axis | p5635-e_mk_ii_firmware | * |
| axis | xf40-q2901_firmware | * |
| axis | q1910-e_firmware | 5.51.5 |
| axis | p3125-z_firmware | * |
| axis | m3045-v_firmware | * |
| axis | q1755-e_firmware | * |
| axis | p1367-e_firmware | * |
| axis | p3364-lve_firmware | * |
| axis | q1941-e_pt_mount_firmware | * |
| axis | p3304-v_firmware | * |
| axis | m1033-w_firmware | * |
| axis | q6042-e_firmware | * |
| axis | q6045_mk_ii_firmware | * |
| axis | p5515_firmware | * |
| axis | companion_c360_firmware | * |
| axis | p7210_firmware | * |
| axis | p3706-z_firmware | * |
| axis | m1125_firmware | * |
| axis | q6034-e_firmware | * |
| axis | m1114_firmware | * |
| axis | q3709-pve_firmware | * |
| axis | m1125-e_firmware | * |
| axis | p3905-r_firmware | * |
| axis | companion_eye_l_firmware | * |
| axis | f44_main_unit_firmware | * |
| axis | m3113-ve_firmware | * |
| axis | p1425-e_firmware | * |
| axis | a8105-e_firmware | * |
| axis | m5525-e_firmware | * |
| axis | p1364_firmware | * |
| axis | p3375-lv_firmware | * |
| axis | p3215-v_firmware | * |
| axis | p3363-v_firmware | * |
| axis | m3045-wv_firmware | * |
| axis | m3046-v_firmware | * |
| axis | f34_main_unit_firmware | * |
| axis | p3224-v_mk_ii_firmware | * |
| axis | p5635-ze_firmware | * |
| axis | q6054_firmware | * |
| axis | q1635-e_firmware | * |
| axis | q1615_mk_ii_firmware | * |
| axis | q6042-s_firmware | * |
| axis | q6055-s_firmware | * |
| axis | d2050-ve_firmware | * |
| axis | m3106-lve_mk_ii_firmware | * |
| axis | p1405-le_mk_ii_firmware | * |
| axis | p3367-ve_firmware | * |
| axis | q6055_firmware | * |
| axis | v5914_firmware | * |
| axis | xp60-q1765_firmware | * |
| axis | p1355-e_firmware | * |
| axis | q6035_firmware | * |
| axis | q6054-e_firmware | * |
| axis | m1124-e_firmware | * |
| axis | m3114-ve_firmware | * |
| axis | q8685-e_firmware | * |
| axis | a1001_firmware | * |
| axis | q1942-e_firmware | * |
| axis | m1103_firmware | * |
| axis | q6034_firmware | * |
| axis | p1354-e_firmware | * |
| axis | p5532-e_firmware | * |
| axis | p3215-ve_firmware | * |
| axis | xp40-q1765_firmware | * |
| axis | q6032_firmware | * |
| axis | q8414-lvs_firmware | * |
| axis | p3225-ve_mk_ii_firmware | * |
| axis | p3343-ve_firmware | * |
| axis | m3015_firmware | * |
| axis | a8004-v_firmware | * |
| axis | q3505-v_mk_ii_firmware | * |
| axis | q6044_firmware | * |
| axis | m2014-e_firmware | * |
| axis | q1615_firmware | * |
| axis | q7406_blade_firmware | * |
| axis | m1124_firmware | * |
| axis | q3515-lv_firmware | * |
| axis | q8742-le_zoom_firmware | * |
| axis | p1290_firmware | * |
| axis | m3204_firmware | * |
| axis | p5534-e_firmware | * |
| axis | a9161_firmware | * |
| axis | m1144-l_firmware | * |
| axis | m3203_firmware | * |
| axis | p3344_firmware | * |
| axis | q6052-e_firmware | * |
| axis | p1447-le_firmware | * |
| axis | q1755_firmware | * |
| axis | m3026-ve_firmware | * |
| axis | m7011_firmware | * |
| axis | m3106-l_firmware | * |
| axis | xp40-q1942_firmware | * |
| axis | p1364-e_firmware | * |
| axis | m1113-e_firmware | * |
| axis | p3214-ve_firmware | * |
| axis | m1145-l_firmware | * |
| axis | m1113_firmware | * |
| axis | m1004-w_firmware | * |
| axis | m2026-le_firmware | * |
| axis | q2901-e_pt_mount_firmware | * |
| axis | p3364-ve_firmware | * |
| axis | m3044-wv_firmware | * |
| axis | p3224-lv_mk_ii_firmware | * |
| axis | q3708-pve_firmware | * |
| axis | p3353_firmware | * |
| axis | p5415-e_firmware | * |
| axis | p5624-e_firmware | * |
| axis | m3047-p_firmware | * |
| axis | c3003-e_firmware | * |
| axis | p3375-v_firmware | * |
| axis | q6155-e_firmware | * |
| axis | m3024-lve_firmware | * |
| axis | p1214-e_firmware | * |
| axis | p7214_firmware | * |
| axis | p3225-lv_firmware | * |
| axis | p1347-e_firmware | * |
| axis | p1355_firmware | * |
| axis | m5013_firmware | * |
| axis | q7401_firmware | * |
| axis | p3375-ve_firmware | * |
| axis | m3014_firmware | * |
| axis | a9188-v_firmware | * |
| axis | p3227-lve_firmware | * |
| axis | q6044-c_firmware | * |
| axis | p1347_firmware | * |
| axis | q1635-z_firmware | * |
| axis | p3915-r_mk_ii_firmware | * |
| axis | m3006-v_firmware | * |
| axis | p1245_firmware | * |
| axis | companion_recorder_4ch_firmware | * |
| axis | p3365-v_firmware | * |
| axis | p5515-e_firmware | * |
| axis | p1125-z_firmware | * |
| axis | p1354_firmware | * |
| axis | p5635-e_firmware | * |
| axis | p5414-e_firmware | * |
| axis | m5065_firmware | * |
| axis | m3005-v_firmware | * |
| axis | p3344-ve_firmware | * |
| axis | p1280_firmware | * |
| axis | p1368-e_firmware | * |
| axis | q1765-le_pt_mount_firmware | * |
| axis | m1014_firmware | * |
| axis | q6032-c_firmware | * |
| axis | q6045-e_mk_ii_firmware | * |
| axis | q1931-e_firmware | * |
| axis | p1353-e_firmware | * |
| axis | q8722-e_firmware | * |
| axis | p3346_firmware | * |
| axis | q6054-e_mk_ii_firmware | * |
| axis | q1765-le_firmware | * |
| axis | p3228-lv_firmware | * |
| axis | p8513_firmware | * |
An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | q3505-ve_firmware | * |
| axis | p1353_firmware | * |
| axis | m3025-ve_firmware | * |
| axis | p1357-e_firmware | * |
| axis | p3224-lve_mk_ii_firmware | * |
| axis | m3104-l_firmware | * |
| axis | p3375-lve_firmware | * |
| axis | p1427-le_firmware | * |
| axis | q3517-lve_firmware | * |
| axis | q6045-c_firmware | * |
| axis | p3367-v_firmware | * |
| axis | p1275_firmware | * |
| axis | m5014-v_firmware | * |
| axis | p3115-i_firmware | * |
| axis | q8665-le_firmware | * |
| axis | p3346-v_firmware | * |
| axis | p3224-lv_firmware | * |
| axis | q7436_blade_firmware | * |
| axis | q3504-ve_firmware | * |
| axis | p1365_mk_ii_firmware | * |
| axis | p1367_firmware | * |
| axis | m3114-r_firmware | * |
| axis | p3315-z_firmware | * |
| axis | q7411_firmware | * |
| axis | xf40-q1765_firmware | * |
| axis | p3115-z_firmware | * |
| axis | q8741-e_firmware | * |
| axis | p1365-e_mk_ii_firmware | * |
| axis | p3343_firmware | * |
| axis | p1365-e_firmware | * |
| axis | q6042-c_firmware | * |
| axis | p1428-e_firmware | * |
| axis | fa54_main_unit_firmware | * |
| axis | p3384-v_firmware | * |
| axis | q6128-e_firmware | * |
| axis | p3905-re_firmware | * |
| axis | q6055-c_firmware | * |
| axis | q8631-e_firmware | * |
| axis | p1204_firmware | * |
| axis | m3106-lve_firmware | * |
| axis | q1932-e_pt_mount_firmware | * |
| axis | q1942-e_pt_mount_firmware | * |
| axis | q3517-lv_firmware | * |
| axis | v5915_firmware | * |
| axis | q1602-e_firmware | * |
| axis | m1045-lw_firmware | * |
| axis | q7414_blade_firmware | * |
| axis | p3225-lve_firmware | * |
| axis | m3044-v_firmware | * |
| axis | companion_cube_lw_firmware | * |
| axis | m1143-l_firmware | * |
| axis | m3105-lve_firmware | * |
| axis | q1922-e_firmware | * |
| axis | p5522_firmware | * |
| axis | q8721-e_firmware | * |
| axis | q3504-v_firmware | * |
| axis | p3374-lv_firmware | * |
| axis | p3114-i_firmware | * |
| axis | q1614-e_firmware | * |
| axis | q2901-e_firmware | * |
| axis | q8741-le_firmware | * |
| axis | m1065-lw_firmware | * |
| axis | p1344-e_firmware | * |
| axis | m3106-l_mk_ii_firmware | * |
| axis | m3027-pve_firmware | * |
| axis | p3904-r_mk_ii_firmware | * |
| axis | q8642-e_firmware | * |
| axis | p1343-e_firmware | * |
| axis | companion_dome_wv_firmware | * |
| axis | companion_recorder_8ch_firmware | * |
| axis | m1065-l_firmware | * |
| axis | q1921-e_firmware | * |
| axis | m3204-v_firmware | * |
| axis | p3304_firmware | * |
| axis | p1126-z_firmware | * |
| axis | p3227-lv_firmware | * |
| axis | q1647_firmware | * |
| axis | m7016_firmware | * |
| axis | m3046-v_1.8mm_firmware | * |
| axis | p3114-z_firmware | * |
| axis | q8655-zle_firmware | * |
| axis | p3344-v_firmware | * |
| axis | q3505-sve_mk_ii_firmware | * |
| axis | p1405-e_firmware | * |
| axis | q6035-e_firmware | * |
| axis | p1343_firmware | * |
| axis | p3214-v_firmware | * |
| axis | p3301-v_firmware | * |
| axis | q1922_firmware | * |
| axis | p1344_firmware | * |
| axis | companion_eye_lve_firmware | * |
| axis | m1104_firmware | * |
| axis | f44_dual_audio_input_firmware | * |
| axis | p5544_firmware | * |
| axis | q6045-s_firmware | * |
| axis | q1931-e_pt_mount_firmware | * |
| axis | p3707-pe_firmware | * |
| axis | q8742-e_firmware | * |
| axis | m3113-r_firmware | * |
| axis | q8675-ze_firmware | * |
| axis | q6045-c_mk_ii_firmware | * |
| axis | p1448-le_firmware | * |
| axis | p3705-z_firmware | * |
| axis | p1357_firmware | * |
| axis | q1604-e_firmware | * |
| axis | m3037-pve_firmware | * |
| axis | p3225-lv_mk_ii_firmware | * |
| axis | m1054_firmware | * |
| axis | p5514-e_firmware | * |
| axis | companion_dome_v_firmware | * |
| axis | m5013-v_firmware | * |
| axis | q3515-lve_firmware | * |
| axis | p3384-ve_firmware | * |
| axis | a9188_firmware | * |
| axis | p3224-lve_firmware | * |
| axis | q3615-ve_firmware | * |
| axis | q6045_firmware | * |
| axis | p3314-z_firmware | * |
| axis | q6055-e_firmware | * |
| axis | q6045-s_mk_ii_firmware | * |
| axis | companion_cube_l_firmware | * |
| axis | q6052_firmware | * |
| axis | d201-s_xpt_q6055_firmware | * |
| axis | p1405-le_firmware | * |
| axis | q3505-v_firmware | * |
| axis | q1941-e_firmware | * |
| axis | m1114-e_firmware | * |
| axis | q6000-e_firmware | * |
| axis | p1224-e_firmware | * |
| axis | q6124-e_firmware | * |
| axis | c1004-e_firmware | * |
| axis | m5055_firmware | * |
| axis | p7224_blade_firmware | * |
| axis | p7216_firmware | * |
| axis | p3364-v_firmware | * |
| axis | q1775_firmware | * |
| axis | p3228-lve_firmware | * |
| axis | p3904-r_firmware | * |
| axis | q6044-s_firmware | * |
| axis | p3225-lve_mk_ii_firmware | * |
| axis | q6042_firmware | * |
| axis | m2025-le_firmware | * |
| axis | p1325-z_firmware | 7.10.1.1 |
| axis | m3004-v_firmware | * |
| axis | p3363-ve_firmware | * |
| axis | p1425-le_firmware | * |
| axis | q6034-c_firmware | * |
| axis | q6035-c_firmware | * |
| axis | q6054_mk_ii_firmware | * |
| axis | q6115-e_firmware | * |
| axis | q8665-e_firmware | * |
| axis | q6032-e_firmware | * |
| axis | p3224-ve_mk_ii_firmware | * |
| axis | p3301_firmware | * |
| axis | q1921_firmware | * |
| axis | m2026-le_mk_ii_firmware | * |
| axis | f41_main_unit_firmware | * |
| axis | m7010_firmware | * |
| axis | q1932-e_firmware | * |
| axis | p3915-r_firmware | * |
| axis | q8742-le_firmware | * |
| axis | p1254_firmware | * |
| axis | p1125-zl_firmware | * |
| axis | p1435-e_firmware | * |
| axis | m1034-w_firmware | * |
| axis | q6045-e_firmware | * |
| axis | q1910_firmware | * |
| axis | p1244_firmware | * |
| axis | p8514_firmware | * |
| axis | q8685-le_firmware | * |
| axis | p3225-v_mk_ii_firmware | * |
| axis | p3905-r_mk_ii_firmware | * |
| axis | p1346_firmware | * |
| axis | q8742-e_zoom_firmware | * |
| axis | m3105-l_firmware | * |
| axis | p3354_firmware | * |
| axis | c8033_firmware | * |
| axis | q6000-e_mk_ii_firmware | * |
| axis | q1605-z_firmware | * |
| axis | q1615-e_mk_ii_firmware | * |
| axis | p5512-e_firmware | * |
| axis | q7424-r_firmware | * |
| axis | q8632-e_firmware | * |
| axis | q6125-le_firmware | * |
| axis | p5534_firmware | * |
| axis | p3364-lv_firmware | * |
| axis | p5532_firmware | * |
| axis | p8524_firmware | * |
| axis | q1614_firmware | * |
| axis | p5522-e_firmware | * |
| axis | m5054_firmware | * |
| axis | q1615-e_firmware | * |
| axis | p1346-e_firmware | * |
| axis | q7424-r_mk_ii_firmware | * |
| axis | p5624-e_mk_ii_firmware | * |
| axis | q1659_firmware | * |
| axis | p3374-v_firmware | * |
| axis | c2005_firmware | * |
| axis | q1604_firmware | * |
| axis | m3048-p_firmware | * |
| axis | p1435-le_firmware | * |
| axis | m7014_firmware | * |
| axis | q3617-ve_firmware | * |
| axis | m3203-v_firmware | * |
| axis | p5512_firmware | * |
| axis | p5514_firmware | * |
| axis | p1264_firmware | * |
| axis | m3007-pv_firmware | * |
| axis | m5014_firmware | * |
| axis | q1645_firmware | * |
| axis | p1427-e_firmware | * |
| axis | xf60-q2901_firmware | * |
| axis | q7404_firmware | * |
| axis | q1602_firmware | * |
| axis | m1025_firmware | * |
| axis | p1214_firmware | * |
| axis | q3505-ve_mk_ii_firmware | * |
| axis | p3343-v_firmware | * |
| axis | m3104-lve_firmware | * |
| axis | q1775-e_firmware | * |
| axis | m1145_firmware | * |
| axis | q1635_firmware | * |
| axis | companion_bullet_le_firmware | * |
| axis | q8641-e_firmware | * |
| axis | p1425-le_mk_ii_firmware | * |
| axis | m1013_firmware | * |
| axis | p1126-zl_firmware | * |
| axis | p3314-zl_firmware | * |
| axis | q6044-e_firmware | * |
| axis | p3315-zl_firmware | * |
| axis | m3016_firmware | * |
| axis | p3346-ve_firmware | * |
| axis | p1265_firmware | * |
| axis | p1365_firmware | * |
| axis | q6114-e_firmware | * |
| axis | m3007-p_firmware | * |
| axis | p3365-ve_firmware | * |
| axis | p5635-e_mk_ii_firmware | * |
| axis | xf40-q2901_firmware | * |
| axis | q1910-e_firmware | 5.51.5 |
| axis | p3125-z_firmware | * |
| axis | m3045-v_firmware | * |
| axis | q1755-e_firmware | * |
| axis | p1367-e_firmware | * |
| axis | p3364-lve_firmware | * |
| axis | q1941-e_pt_mount_firmware | * |
| axis | p3304-v_firmware | * |
| axis | m1033-w_firmware | * |
| axis | q6042-e_firmware | * |
| axis | q6045_mk_ii_firmware | * |
| axis | p5515_firmware | * |
| axis | companion_c360_firmware | * |
| axis | p7210_firmware | * |
| axis | p3706-z_firmware | * |
| axis | m1125_firmware | * |
| axis | q6034-e_firmware | * |
| axis | m1114_firmware | * |
| axis | q3709-pve_firmware | * |
| axis | m1125-e_firmware | * |
| axis | p3905-r_firmware | * |
| axis | companion_eye_l_firmware | * |
| axis | f44_main_unit_firmware | * |
| axis | m3113-ve_firmware | * |
| axis | p1425-e_firmware | * |
| axis | a8105-e_firmware | * |
| axis | m5525-e_firmware | * |
| axis | p1364_firmware | * |
| axis | p3375-lv_firmware | * |
| axis | p3215-v_firmware | * |
| axis | p3363-v_firmware | * |
| axis | m3045-wv_firmware | * |
| axis | m3046-v_firmware | * |
| axis | f34_main_unit_firmware | * |
| axis | p3224-v_mk_ii_firmware | * |
| axis | p5635-ze_firmware | * |
| axis | q6054_firmware | * |
| axis | q1635-e_firmware | * |
| axis | q1615_mk_ii_firmware | * |
| axis | q6042-s_firmware | * |
| axis | q6055-s_firmware | * |
| axis | d2050-ve_firmware | * |
| axis | m3106-lve_mk_ii_firmware | * |
| axis | p1405-le_mk_ii_firmware | * |
| axis | p3367-ve_firmware | * |
| axis | q6055_firmware | * |
| axis | v5914_firmware | * |
| axis | xp60-q1765_firmware | * |
| axis | p1355-e_firmware | * |
| axis | q6035_firmware | * |
| axis | q6054-e_firmware | * |
| axis | m1124-e_firmware | * |
| axis | m3114-ve_firmware | * |
| axis | q8685-e_firmware | * |
| axis | a1001_firmware | * |
| axis | q1942-e_firmware | * |
| axis | m1103_firmware | * |
| axis | q6034_firmware | * |
| axis | p1354-e_firmware | * |
| axis | p5532-e_firmware | * |
| axis | p3215-ve_firmware | * |
| axis | xp40-q1765_firmware | * |
| axis | q6032_firmware | * |
| axis | q8414-lvs_firmware | * |
| axis | p3225-ve_mk_ii_firmware | * |
| axis | p3343-ve_firmware | * |
| axis | m3015_firmware | * |
| axis | a8004-v_firmware | * |
| axis | q3505-v_mk_ii_firmware | * |
| axis | q6044_firmware | * |
| axis | m2014-e_firmware | * |
| axis | q1615_firmware | * |
| axis | q7406_blade_firmware | * |
| axis | m1124_firmware | * |
| axis | q3515-lv_firmware | * |
| axis | q8742-le_zoom_firmware | * |
| axis | p1290_firmware | * |
| axis | m3204_firmware | * |
| axis | p5534-e_firmware | * |
| axis | a9161_firmware | * |
| axis | m1144-l_firmware | * |
| axis | m3203_firmware | * |
| axis | p3344_firmware | * |
| axis | q6052-e_firmware | * |
| axis | p1447-le_firmware | * |
| axis | q1755_firmware | * |
| axis | m3026-ve_firmware | * |
| axis | m7011_firmware | * |
| axis | m3106-l_firmware | * |
| axis | xp40-q1942_firmware | * |
| axis | p1364-e_firmware | * |
| axis | m1113-e_firmware | * |
| axis | p3214-ve_firmware | * |
| axis | m1145-l_firmware | * |
| axis | m1113_firmware | * |
| axis | m1004-w_firmware | * |
| axis | m2026-le_firmware | * |
| axis | q2901-e_pt_mount_firmware | * |
| axis | p3364-ve_firmware | * |
| axis | m3044-wv_firmware | * |
| axis | p3224-lv_mk_ii_firmware | * |
| axis | q3708-pve_firmware | * |
| axis | p3353_firmware | * |
| axis | p5415-e_firmware | * |
| axis | p5624-e_firmware | * |
| axis | m3047-p_firmware | * |
| axis | c3003-e_firmware | * |
| axis | p3375-v_firmware | * |
| axis | q6155-e_firmware | * |
| axis | m3024-lve_firmware | * |
| axis | p1214-e_firmware | * |
| axis | p7214_firmware | * |
| axis | p3225-lv_firmware | * |
| axis | p1347-e_firmware | * |
| axis | p1355_firmware | * |
| axis | m5013_firmware | * |
| axis | q7401_firmware | * |
| axis | p3375-ve_firmware | * |
| axis | m3014_firmware | * |
| axis | a9188-v_firmware | * |
| axis | p3227-lve_firmware | * |
| axis | q6044-c_firmware | * |
| axis | p1347_firmware | * |
| axis | q1635-z_firmware | * |
| axis | p3915-r_mk_ii_firmware | * |
| axis | m3006-v_firmware | * |
| axis | p1245_firmware | * |
| axis | companion_recorder_4ch_firmware | * |
| axis | p3365-v_firmware | * |
| axis | p5515-e_firmware | * |
| axis | p1125-z_firmware | * |
| axis | p1354_firmware | * |
| axis | p5635-e_firmware | * |
| axis | p5414-e_firmware | * |
| axis | m5065_firmware | * |
| axis | m3005-v_firmware | * |
| axis | p3344-ve_firmware | * |
| axis | p1280_firmware | * |
| axis | p1368-e_firmware | * |
| axis | q1765-le_pt_mount_firmware | * |
| axis | m1014_firmware | * |
| axis | q6032-c_firmware | * |
| axis | q6045-e_mk_ii_firmware | * |
| axis | q1931-e_firmware | * |
| axis | p1353-e_firmware | * |
| axis | q8722-e_firmware | * |
| axis | p3346_firmware | * |
| axis | q6054-e_mk_ii_firmware | * |
| axis | q1765-le_firmware | * |
| axis | p3228-lv_firmware | * |
| axis | p8513_firmware | * |
An issue was discovered in multiple models of Axis IP Cameras. There is an Incorrect Size Calculation.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | q3505-ve_firmware | * |
| axis | p1353_firmware | * |
| axis | m3025-ve_firmware | * |
| axis | p1357-e_firmware | * |
| axis | p3224-lve_mk_ii_firmware | * |
| axis | m3104-l_firmware | * |
| axis | p3375-lve_firmware | * |
| axis | p1427-le_firmware | * |
| axis | q3517-lve_firmware | * |
| axis | q6045-c_firmware | * |
| axis | p3367-v_firmware | * |
| axis | p1275_firmware | * |
| axis | m5014-v_firmware | * |
| axis | p3115-i_firmware | * |
| axis | q8665-le_firmware | * |
| axis | p3346-v_firmware | * |
| axis | p3224-lv_firmware | * |
| axis | q7436_blade_firmware | * |
| axis | q3504-ve_firmware | * |
| axis | p1365_mk_ii_firmware | * |
| axis | p1367_firmware | * |
| axis | m3114-r_firmware | * |
| axis | p3315-z_firmware | * |
| axis | q7411_firmware | * |
| axis | xf40-q1765_firmware | * |
| axis | p3115-z_firmware | * |
| axis | q8741-e_firmware | * |
| axis | p1365-e_mk_ii_firmware | * |
| axis | p3343_firmware | * |
| axis | p1365-e_firmware | * |
| axis | q6042-c_firmware | * |
| axis | p1428-e_firmware | * |
| axis | fa54_main_unit_firmware | * |
| axis | p3384-v_firmware | * |
| axis | q6128-e_firmware | * |
| axis | p3905-re_firmware | * |
| axis | q6055-c_firmware | * |
| axis | q8631-e_firmware | * |
| axis | p1204_firmware | * |
| axis | m3106-lve_firmware | * |
| axis | q1932-e_pt_mount_firmware | * |
| axis | q1942-e_pt_mount_firmware | * |
| axis | q3517-lv_firmware | * |
| axis | v5915_firmware | * |
| axis | q1602-e_firmware | * |
| axis | m1045-lw_firmware | * |
| axis | q7414_blade_firmware | * |
| axis | p3225-lve_firmware | * |
| axis | m3044-v_firmware | * |
| axis | companion_cube_lw_firmware | * |
| axis | m1143-l_firmware | * |
| axis | m3105-lve_firmware | * |
| axis | q1922-e_firmware | * |
| axis | p5522_firmware | * |
| axis | q8721-e_firmware | * |
| axis | q3504-v_firmware | * |
| axis | p3374-lv_firmware | * |
| axis | p3114-i_firmware | * |
| axis | q1614-e_firmware | * |
| axis | q2901-e_firmware | * |
| axis | q8741-le_firmware | * |
| axis | m1065-lw_firmware | * |
| axis | p1344-e_firmware | * |
| axis | m3106-l_mk_ii_firmware | * |
| axis | m3027-pve_firmware | * |
| axis | p3904-r_mk_ii_firmware | * |
| axis | q8642-e_firmware | * |
| axis | p1343-e_firmware | * |
| axis | companion_dome_wv_firmware | * |
| axis | companion_recorder_8ch_firmware | * |
| axis | m1065-l_firmware | * |
| axis | q1921-e_firmware | * |
| axis | m3204-v_firmware | * |
| axis | p3304_firmware | * |
| axis | p1126-z_firmware | * |
| axis | p3227-lv_firmware | * |
| axis | q1647_firmware | * |
| axis | m7016_firmware | * |
| axis | m3046-v_1.8mm_firmware | * |
| axis | p3114-z_firmware | * |
| axis | q8655-zle_firmware | * |
| axis | p3344-v_firmware | * |
| axis | q3505-sve_mk_ii_firmware | * |
| axis | p1405-e_firmware | * |
| axis | q6035-e_firmware | * |
| axis | p1343_firmware | * |
| axis | p3214-v_firmware | * |
| axis | p3301-v_firmware | * |
| axis | q1922_firmware | * |
| axis | p1344_firmware | * |
| axis | companion_eye_lve_firmware | * |
| axis | m1104_firmware | * |
| axis | f44_dual_audio_input_firmware | * |
| axis | p5544_firmware | * |
| axis | q6045-s_firmware | * |
| axis | q1931-e_pt_mount_firmware | * |
| axis | p3707-pe_firmware | * |
| axis | q8742-e_firmware | * |
| axis | m3113-r_firmware | * |
| axis | q8675-ze_firmware | * |
| axis | q6045-c_mk_ii_firmware | * |
| axis | p1448-le_firmware | * |
| axis | p3705-z_firmware | * |
| axis | p1357_firmware | * |
| axis | q1604-e_firmware | * |
| axis | m3037-pve_firmware | * |
| axis | p3225-lv_mk_ii_firmware | * |
| axis | m1054_firmware | * |
| axis | p5514-e_firmware | * |
| axis | companion_dome_v_firmware | * |
| axis | m5013-v_firmware | * |
| axis | q3515-lve_firmware | * |
| axis | p3384-ve_firmware | * |
| axis | a9188_firmware | * |
| axis | p3224-lve_firmware | * |
| axis | q3615-ve_firmware | * |
| axis | q6045_firmware | * |
| axis | p3314-z_firmware | * |
| axis | q6055-e_firmware | * |
| axis | q6045-s_mk_ii_firmware | * |
| axis | companion_cube_l_firmware | * |
| axis | q6052_firmware | * |
| axis | d201-s_xpt_q6055_firmware | * |
| axis | p1405-le_firmware | * |
| axis | q3505-v_firmware | * |
| axis | q1941-e_firmware | * |
| axis | m1114-e_firmware | * |
| axis | q6000-e_firmware | * |
| axis | p1224-e_firmware | * |
| axis | q6124-e_firmware | * |
| axis | c1004-e_firmware | * |
| axis | m5055_firmware | * |
| axis | p7224_blade_firmware | * |
| axis | p7216_firmware | * |
| axis | p3364-v_firmware | * |
| axis | q1775_firmware | * |
| axis | p3228-lve_firmware | * |
| axis | p3904-r_firmware | * |
| axis | q6044-s_firmware | * |
| axis | p3225-lve_mk_ii_firmware | * |
| axis | q6042_firmware | * |
| axis | m2025-le_firmware | * |
| axis | p1325-z_firmware | 7.10.1.1 |
| axis | m3004-v_firmware | * |
| axis | p3363-ve_firmware | * |
| axis | p1425-le_firmware | * |
| axis | q6034-c_firmware | * |
| axis | q6035-c_firmware | * |
| axis | q6054_mk_ii_firmware | * |
| axis | q6115-e_firmware | * |
| axis | q8665-e_firmware | * |
| axis | q6032-e_firmware | * |
| axis | p3224-ve_mk_ii_firmware | * |
| axis | p3301_firmware | * |
| axis | q1921_firmware | * |
| axis | m2026-le_mk_ii_firmware | * |
| axis | f41_main_unit_firmware | * |
| axis | m7010_firmware | * |
| axis | q1932-e_firmware | * |
| axis | p3915-r_firmware | * |
| axis | q8742-le_firmware | * |
| axis | p1254_firmware | * |
| axis | p1125-zl_firmware | * |
| axis | p1435-e_firmware | * |
| axis | m1034-w_firmware | * |
| axis | q6045-e_firmware | * |
| axis | q1910_firmware | * |
| axis | p1244_firmware | * |
| axis | p8514_firmware | * |
| axis | q8685-le_firmware | * |
| axis | p3225-v_mk_ii_firmware | * |
| axis | p3905-r_mk_ii_firmware | * |
| axis | p1346_firmware | * |
| axis | q8742-e_zoom_firmware | * |
| axis | m3105-l_firmware | * |
| axis | p3354_firmware | * |
| axis | c8033_firmware | * |
| axis | q6000-e_mk_ii_firmware | * |
| axis | q1605-z_firmware | * |
| axis | q1615-e_mk_ii_firmware | * |
| axis | p5512-e_firmware | * |
| axis | q7424-r_firmware | * |
| axis | q8632-e_firmware | * |
| axis | q6125-le_firmware | * |
| axis | p5534_firmware | * |
| axis | p3364-lv_firmware | * |
| axis | p5532_firmware | * |
| axis | p8524_firmware | * |
| axis | q1614_firmware | * |
| axis | p5522-e_firmware | * |
| axis | m5054_firmware | * |
| axis | q1615-e_firmware | * |
| axis | p1346-e_firmware | * |
| axis | q7424-r_mk_ii_firmware | * |
| axis | p5624-e_mk_ii_firmware | * |
| axis | q1659_firmware | * |
| axis | p3374-v_firmware | * |
| axis | c2005_firmware | * |
| axis | q1604_firmware | * |
| axis | m3048-p_firmware | * |
| axis | p1435-le_firmware | * |
| axis | m7014_firmware | * |
| axis | q3617-ve_firmware | * |
| axis | m3203-v_firmware | * |
| axis | p5512_firmware | * |
| axis | p5514_firmware | * |
| axis | p1264_firmware | * |
| axis | m3007-pv_firmware | * |
| axis | m5014_firmware | * |
| axis | q1645_firmware | * |
| axis | p1427-e_firmware | * |
| axis | xf60-q2901_firmware | * |
| axis | q7404_firmware | * |
| axis | q1602_firmware | * |
| axis | m1025_firmware | * |
| axis | p1214_firmware | * |
| axis | q3505-ve_mk_ii_firmware | * |
| axis | p3343-v_firmware | * |
| axis | m3104-lve_firmware | * |
| axis | q1775-e_firmware | * |
| axis | m1145_firmware | * |
| axis | q1635_firmware | * |
| axis | companion_bullet_le_firmware | * |
| axis | q8641-e_firmware | * |
| axis | p1425-le_mk_ii_firmware | * |
| axis | m1013_firmware | * |
| axis | p1126-zl_firmware | * |
| axis | p3314-zl_firmware | * |
| axis | q6044-e_firmware | * |
| axis | p3315-zl_firmware | * |
| axis | m3016_firmware | * |
| axis | p3346-ve_firmware | * |
| axis | p1265_firmware | * |
| axis | p1365_firmware | * |
| axis | q6114-e_firmware | * |
| axis | m3007-p_firmware | * |
| axis | p3365-ve_firmware | * |
| axis | p5635-e_mk_ii_firmware | * |
| axis | xf40-q2901_firmware | * |
| axis | q1910-e_firmware | 5.51.5 |
| axis | p3125-z_firmware | * |
| axis | m3045-v_firmware | * |
| axis | q1755-e_firmware | * |
| axis | p1367-e_firmware | * |
| axis | p3364-lve_firmware | * |
| axis | q1941-e_pt_mount_firmware | * |
| axis | p3304-v_firmware | * |
| axis | m1033-w_firmware | * |
| axis | q6042-e_firmware | * |
| axis | q6045_mk_ii_firmware | * |
| axis | p5515_firmware | * |
| axis | companion_c360_firmware | * |
| axis | p7210_firmware | * |
| axis | p3706-z_firmware | * |
| axis | m1125_firmware | * |
| axis | q6034-e_firmware | * |
| axis | m1114_firmware | * |
| axis | q3709-pve_firmware | * |
| axis | m1125-e_firmware | * |
| axis | p3905-r_firmware | * |
| axis | companion_eye_l_firmware | * |
| axis | f44_main_unit_firmware | * |
| axis | m3113-ve_firmware | * |
| axis | p1425-e_firmware | * |
| axis | a8105-e_firmware | * |
| axis | m5525-e_firmware | * |
| axis | p1364_firmware | * |
| axis | p3375-lv_firmware | * |
| axis | p3215-v_firmware | * |
| axis | p3363-v_firmware | * |
| axis | m3045-wv_firmware | * |
| axis | m3046-v_firmware | * |
| axis | f34_main_unit_firmware | * |
| axis | p3224-v_mk_ii_firmware | * |
| axis | p5635-ze_firmware | * |
| axis | q6054_firmware | * |
| axis | q1635-e_firmware | * |
| axis | q1615_mk_ii_firmware | * |
| axis | q6042-s_firmware | * |
| axis | q6055-s_firmware | * |
| axis | d2050-ve_firmware | * |
| axis | m3106-lve_mk_ii_firmware | * |
| axis | p1405-le_mk_ii_firmware | * |
| axis | p3367-ve_firmware | * |
| axis | q6055_firmware | * |
| axis | v5914_firmware | * |
| axis | xp60-q1765_firmware | * |
| axis | p1355-e_firmware | * |
| axis | q6035_firmware | * |
| axis | q6054-e_firmware | * |
| axis | m1124-e_firmware | * |
| axis | m3114-ve_firmware | * |
| axis | q8685-e_firmware | * |
| axis | a1001_firmware | * |
| axis | q1942-e_firmware | * |
| axis | m1103_firmware | * |
| axis | q6034_firmware | * |
| axis | p1354-e_firmware | * |
| axis | p5532-e_firmware | * |
| axis | p3215-ve_firmware | * |
| axis | xp40-q1765_firmware | * |
| axis | q6032_firmware | * |
| axis | q8414-lvs_firmware | * |
| axis | p3225-ve_mk_ii_firmware | * |
| axis | p3343-ve_firmware | * |
| axis | m3015_firmware | * |
| axis | a8004-v_firmware | * |
| axis | q3505-v_mk_ii_firmware | * |
| axis | q6044_firmware | * |
| axis | m2014-e_firmware | * |
| axis | q1615_firmware | * |
| axis | q7406_blade_firmware | * |
| axis | m1124_firmware | * |
| axis | q3515-lv_firmware | * |
| axis | q8742-le_zoom_firmware | * |
| axis | p1290_firmware | * |
| axis | m3204_firmware | * |
| axis | p5534-e_firmware | * |
| axis | a9161_firmware | * |
| axis | m1144-l_firmware | * |
| axis | m3203_firmware | * |
| axis | p3344_firmware | * |
| axis | q6052-e_firmware | * |
| axis | p1447-le_firmware | * |
| axis | q1755_firmware | * |
| axis | m3026-ve_firmware | * |
| axis | m7011_firmware | * |
| axis | m3106-l_firmware | * |
| axis | xp40-q1942_firmware | * |
| axis | p1364-e_firmware | * |
| axis | m1113-e_firmware | * |
| axis | p3214-ve_firmware | * |
| axis | m1145-l_firmware | * |
| axis | m1113_firmware | * |
| axis | m1004-w_firmware | * |
| axis | m2026-le_firmware | * |
| axis | q2901-e_pt_mount_firmware | * |
| axis | p3364-ve_firmware | * |
| axis | m3044-wv_firmware | * |
| axis | p3224-lv_mk_ii_firmware | * |
| axis | q3708-pve_firmware | * |
| axis | p3353_firmware | * |
| axis | p5415-e_firmware | * |
| axis | p5624-e_firmware | * |
| axis | m3047-p_firmware | * |
| axis | c3003-e_firmware | * |
| axis | p3375-v_firmware | * |
| axis | q6155-e_firmware | * |
| axis | m3024-lve_firmware | * |
| axis | p1214-e_firmware | * |
| axis | p7214_firmware | * |
| axis | p3225-lv_firmware | * |
| axis | p1347-e_firmware | * |
| axis | p1355_firmware | * |
| axis | m5013_firmware | * |
| axis | q7401_firmware | * |
| axis | p3375-ve_firmware | * |
| axis | m3014_firmware | * |
| axis | a9188-v_firmware | * |
| axis | p3227-lve_firmware | * |
| axis | q6044-c_firmware | * |
| axis | p1347_firmware | * |
| axis | q1635-z_firmware | * |
| axis | p3915-r_mk_ii_firmware | * |
| axis | m3006-v_firmware | * |
| axis | p1245_firmware | * |
| axis | companion_recorder_4ch_firmware | * |
| axis | p3365-v_firmware | * |
| axis | p5515-e_firmware | * |
| axis | p1125-z_firmware | * |
| axis | p1354_firmware | * |
| axis | p5635-e_firmware | * |
| axis | p5414-e_firmware | * |
| axis | m5065_firmware | * |
| axis | m3005-v_firmware | * |
| axis | p3344-ve_firmware | * |
| axis | p1280_firmware | * |
| axis | p1368-e_firmware | * |
| axis | q1765-le_pt_mount_firmware | * |
| axis | m1014_firmware | * |
| axis | q6032-c_firmware | * |
| axis | q6045-e_mk_ii_firmware | * |
| axis | q1931-e_firmware | * |
| axis | p1353-e_firmware | * |
| axis | q8722-e_firmware | * |
| axis | p3346_firmware | * |
| axis | q6054-e_mk_ii_firmware | * |
| axis | q1765-le_firmware | * |
| axis | p3228-lv_firmware | * |
| axis | p8513_firmware | * |
An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | q3505-ve_firmware | * |
| axis | p1353_firmware | * |
| axis | m3025-ve_firmware | * |
| axis | p1357-e_firmware | * |
| axis | p3224-lve_mk_ii_firmware | * |
| axis | m3104-l_firmware | * |
| axis | p3375-lve_firmware | * |
| axis | p1427-le_firmware | * |
| axis | q3517-lve_firmware | * |
| axis | q6045-c_firmware | * |
| axis | p3367-v_firmware | * |
| axis | p1275_firmware | * |
| axis | m5014-v_firmware | * |
| axis | p3115-i_firmware | * |
| axis | q8665-le_firmware | * |
| axis | p3346-v_firmware | * |
| axis | p3224-lv_firmware | * |
| axis | q7436_blade_firmware | * |
| axis | q3504-ve_firmware | * |
| axis | p1365_mk_ii_firmware | * |
| axis | p1367_firmware | * |
| axis | m3114-r_firmware | * |
| axis | p3315-z_firmware | * |
| axis | q7411_firmware | * |
| axis | xf40-q1765_firmware | * |
| axis | p3115-z_firmware | * |
| axis | q8741-e_firmware | * |
| axis | p1365-e_mk_ii_firmware | * |
| axis | p3343_firmware | * |
| axis | p1365-e_firmware | * |
| axis | q6042-c_firmware | * |
| axis | p1428-e_firmware | * |
| axis | fa54_main_unit_firmware | * |
| axis | p3384-v_firmware | * |
| axis | q6128-e_firmware | * |
| axis | p3905-re_firmware | * |
| axis | q6055-c_firmware | * |
| axis | q8631-e_firmware | * |
| axis | p1204_firmware | * |
| axis | m3106-lve_firmware | * |
| axis | q1932-e_pt_mount_firmware | * |
| axis | q1942-e_pt_mount_firmware | * |
| axis | q3517-lv_firmware | * |
| axis | v5915_firmware | * |
| axis | q1602-e_firmware | * |
| axis | m1045-lw_firmware | * |
| axis | q7414_blade_firmware | * |
| axis | p3225-lve_firmware | * |
| axis | m3044-v_firmware | * |
| axis | companion_cube_lw_firmware | * |
| axis | m1143-l_firmware | * |
| axis | m3105-lve_firmware | * |
| axis | q1922-e_firmware | * |
| axis | p5522_firmware | * |
| axis | q8721-e_firmware | * |
| axis | q3504-v_firmware | * |
| axis | p3374-lv_firmware | * |
| axis | p3114-i_firmware | * |
| axis | q1614-e_firmware | * |
| axis | q2901-e_firmware | * |
| axis | q8741-le_firmware | * |
| axis | m1065-lw_firmware | * |
| axis | p1344-e_firmware | * |
| axis | m3106-l_mk_ii_firmware | * |
| axis | m3027-pve_firmware | * |
| axis | p3904-r_mk_ii_firmware | * |
| axis | q8642-e_firmware | * |
| axis | p1343-e_firmware | * |
| axis | companion_dome_wv_firmware | * |
| axis | companion_recorder_8ch_firmware | * |
| axis | m1065-l_firmware | * |
| axis | q1921-e_firmware | * |
| axis | m3204-v_firmware | * |
| axis | p3304_firmware | * |
| axis | p1126-z_firmware | * |
| axis | p3227-lv_firmware | * |
| axis | q1647_firmware | * |
| axis | m7016_firmware | * |
| axis | m3046-v_1.8mm_firmware | * |
| axis | p3114-z_firmware | * |
| axis | q8655-zle_firmware | * |
| axis | p3344-v_firmware | * |
| axis | q3505-sve_mk_ii_firmware | * |
| axis | p1405-e_firmware | * |
| axis | q6035-e_firmware | * |
| axis | p1343_firmware | * |
| axis | p3214-v_firmware | * |
| axis | p3301-v_firmware | * |
| axis | q1922_firmware | * |
| axis | p1344_firmware | * |
| axis | companion_eye_lve_firmware | * |
| axis | m1104_firmware | * |
| axis | f44_dual_audio_input_firmware | * |
| axis | p5544_firmware | * |
| axis | q6045-s_firmware | * |
| axis | q1931-e_pt_mount_firmware | * |
| axis | p3707-pe_firmware | * |
| axis | q8742-e_firmware | * |
| axis | m3113-r_firmware | * |
| axis | q8675-ze_firmware | * |
| axis | q6045-c_mk_ii_firmware | * |
| axis | p1448-le_firmware | * |
| axis | p3705-z_firmware | * |
| axis | p1357_firmware | * |
| axis | q1604-e_firmware | * |
| axis | m3037-pve_firmware | * |
| axis | p3225-lv_mk_ii_firmware | * |
| axis | m1054_firmware | * |
| axis | p5514-e_firmware | * |
| axis | companion_dome_v_firmware | * |
| axis | m5013-v_firmware | * |
| axis | q3515-lve_firmware | * |
| axis | p3384-ve_firmware | * |
| axis | a9188_firmware | * |
| axis | p3224-lve_firmware | * |
| axis | q3615-ve_firmware | * |
| axis | q6045_firmware | * |
| axis | p3314-z_firmware | * |
| axis | q6055-e_firmware | * |
| axis | q6045-s_mk_ii_firmware | * |
| axis | companion_cube_l_firmware | * |
| axis | q6052_firmware | * |
| axis | d201-s_xpt_q6055_firmware | * |
| axis | p1405-le_firmware | * |
| axis | q3505-v_firmware | * |
| axis | q1941-e_firmware | * |
| axis | m1114-e_firmware | * |
| axis | q6000-e_firmware | * |
| axis | p1224-e_firmware | * |
| axis | q6124-e_firmware | * |
| axis | c1004-e_firmware | * |
| axis | m5055_firmware | * |
| axis | p7224_blade_firmware | * |
| axis | p7216_firmware | * |
| axis | p3364-v_firmware | * |
| axis | q1775_firmware | * |
| axis | p3228-lve_firmware | * |
| axis | p3904-r_firmware | * |
| axis | q6044-s_firmware | * |
| axis | p3225-lve_mk_ii_firmware | * |
| axis | q6042_firmware | * |
| axis | m2025-le_firmware | * |
| axis | p1325-z_firmware | 7.10.1.1 |
| axis | m3004-v_firmware | * |
| axis | p3363-ve_firmware | * |
| axis | p1425-le_firmware | * |
| axis | q6034-c_firmware | * |
| axis | q6035-c_firmware | * |
| axis | q6054_mk_ii_firmware | * |
| axis | q6115-e_firmware | * |
| axis | q8665-e_firmware | * |
| axis | q6032-e_firmware | * |
| axis | p3224-ve_mk_ii_firmware | * |
| axis | p3301_firmware | * |
| axis | q1921_firmware | * |
| axis | m2026-le_mk_ii_firmware | * |
| axis | f41_main_unit_firmware | * |
| axis | m7010_firmware | * |
| axis | q1932-e_firmware | * |
| axis | p3915-r_firmware | * |
| axis | q8742-le_firmware | * |
| axis | p1254_firmware | * |
| axis | p1125-zl_firmware | * |
| axis | p1435-e_firmware | * |
| axis | m1034-w_firmware | * |
| axis | q6045-e_firmware | * |
| axis | q1910_firmware | * |
| axis | p1244_firmware | * |
| axis | p8514_firmware | * |
| axis | q8685-le_firmware | * |
| axis | p3225-v_mk_ii_firmware | * |
| axis | p3905-r_mk_ii_firmware | * |
| axis | p1346_firmware | * |
| axis | q8742-e_zoom_firmware | * |
| axis | m3105-l_firmware | * |
| axis | p3354_firmware | * |
| axis | c8033_firmware | * |
| axis | q6000-e_mk_ii_firmware | * |
| axis | q1605-z_firmware | * |
| axis | q1615-e_mk_ii_firmware | * |
| axis | p5512-e_firmware | * |
| axis | q7424-r_firmware | * |
| axis | q8632-e_firmware | * |
| axis | q6125-le_firmware | * |
| axis | p5534_firmware | * |
| axis | p3364-lv_firmware | * |
| axis | p5532_firmware | * |
| axis | p8524_firmware | * |
| axis | q1614_firmware | * |
| axis | p5522-e_firmware | * |
| axis | m5054_firmware | * |
| axis | q1615-e_firmware | * |
| axis | p1346-e_firmware | * |
| axis | q7424-r_mk_ii_firmware | * |
| axis | p5624-e_mk_ii_firmware | * |
| axis | q1659_firmware | * |
| axis | p3374-v_firmware | * |
| axis | c2005_firmware | * |
| axis | q1604_firmware | * |
| axis | m3048-p_firmware | * |
| axis | p1435-le_firmware | * |
| axis | m7014_firmware | * |
| axis | q3617-ve_firmware | * |
| axis | m3203-v_firmware | * |
| axis | p5512_firmware | * |
| axis | p5514_firmware | * |
| axis | p1264_firmware | * |
| axis | m3007-pv_firmware | * |
| axis | m5014_firmware | * |
| axis | q1645_firmware | * |
| axis | p1427-e_firmware | * |
| axis | xf60-q2901_firmware | * |
| axis | q7404_firmware | * |
| axis | q1602_firmware | * |
| axis | m1025_firmware | * |
| axis | p1214_firmware | * |
| axis | q3505-ve_mk_ii_firmware | * |
| axis | p3343-v_firmware | * |
| axis | m3104-lve_firmware | * |
| axis | q1775-e_firmware | * |
| axis | m1145_firmware | * |
| axis | q1635_firmware | * |
| axis | companion_bullet_le_firmware | * |
| axis | q8641-e_firmware | * |
| axis | p1425-le_mk_ii_firmware | * |
| axis | m1013_firmware | * |
| axis | p1126-zl_firmware | * |
| axis | p3314-zl_firmware | * |
| axis | q6044-e_firmware | * |
| axis | p3315-zl_firmware | * |
| axis | m3016_firmware | * |
| axis | p3346-ve_firmware | * |
| axis | p1265_firmware | * |
| axis | p1365_firmware | * |
| axis | q6114-e_firmware | * |
| axis | m3007-p_firmware | * |
| axis | p3365-ve_firmware | * |
| axis | p5635-e_mk_ii_firmware | * |
| axis | xf40-q2901_firmware | * |
| axis | q1910-e_firmware | 5.51.5 |
| axis | p3125-z_firmware | * |
| axis | m3045-v_firmware | * |
| axis | q1755-e_firmware | * |
| axis | p1367-e_firmware | * |
| axis | p3364-lve_firmware | * |
| axis | q1941-e_pt_mount_firmware | * |
| axis | p3304-v_firmware | * |
| axis | m1033-w_firmware | * |
| axis | q6042-e_firmware | * |
| axis | q6045_mk_ii_firmware | * |
| axis | p5515_firmware | * |
| axis | companion_c360_firmware | * |
| axis | p7210_firmware | * |
| axis | p3706-z_firmware | * |
| axis | m1125_firmware | * |
| axis | q6034-e_firmware | * |
| axis | m1114_firmware | * |
| axis | q3709-pve_firmware | * |
| axis | m1125-e_firmware | * |
| axis | p3905-r_firmware | * |
| axis | companion_eye_l_firmware | * |
| axis | f44_main_unit_firmware | * |
| axis | m3113-ve_firmware | * |
| axis | p1425-e_firmware | * |
| axis | a8105-e_firmware | * |
| axis | m5525-e_firmware | * |
| axis | p1364_firmware | * |
| axis | p3375-lv_firmware | * |
| axis | p3215-v_firmware | * |
| axis | p3363-v_firmware | * |
| axis | m3045-wv_firmware | * |
| axis | m3046-v_firmware | * |
| axis | f34_main_unit_firmware | * |
| axis | p3224-v_mk_ii_firmware | * |
| axis | p5635-ze_firmware | * |
| axis | q6054_firmware | * |
| axis | q1635-e_firmware | * |
| axis | q1615_mk_ii_firmware | * |
| axis | q6042-s_firmware | * |
| axis | q6055-s_firmware | * |
| axis | d2050-ve_firmware | * |
| axis | m3106-lve_mk_ii_firmware | * |
| axis | p1405-le_mk_ii_firmware | * |
| axis | p3367-ve_firmware | * |
| axis | q6055_firmware | * |
| axis | v5914_firmware | * |
| axis | xp60-q1765_firmware | * |
| axis | p1355-e_firmware | * |
| axis | q6035_firmware | * |
| axis | q6054-e_firmware | * |
| axis | m1124-e_firmware | * |
| axis | m3114-ve_firmware | * |
| axis | q8685-e_firmware | * |
| axis | a1001_firmware | * |
| axis | q1942-e_firmware | * |
| axis | m1103_firmware | * |
| axis | q6034_firmware | * |
| axis | p1354-e_firmware | * |
| axis | p5532-e_firmware | * |
| axis | p3215-ve_firmware | * |
| axis | xp40-q1765_firmware | * |
| axis | q6032_firmware | * |
| axis | q8414-lvs_firmware | * |
| axis | p3225-ve_mk_ii_firmware | * |
| axis | p3343-ve_firmware | * |
| axis | m3015_firmware | * |
| axis | a8004-v_firmware | * |
| axis | q3505-v_mk_ii_firmware | * |
| axis | q6044_firmware | * |
| axis | m2014-e_firmware | * |
| axis | q1615_firmware | * |
| axis | q7406_blade_firmware | * |
| axis | m1124_firmware | * |
| axis | q3515-lv_firmware | * |
| axis | q8742-le_zoom_firmware | * |
| axis | p1290_firmware | * |
| axis | m3204_firmware | * |
| axis | p5534-e_firmware | * |
| axis | a9161_firmware | * |
| axis | m1144-l_firmware | * |
| axis | m3203_firmware | * |
| axis | p3344_firmware | * |
| axis | q6052-e_firmware | * |
| axis | p1447-le_firmware | * |
| axis | q1755_firmware | * |
| axis | m3026-ve_firmware | * |
| axis | m7011_firmware | * |
| axis | m3106-l_firmware | * |
| axis | xp40-q1942_firmware | * |
| axis | p1364-e_firmware | * |
| axis | m1113-e_firmware | * |
| axis | p3214-ve_firmware | * |
| axis | m1145-l_firmware | * |
| axis | m1113_firmware | * |
| axis | m1004-w_firmware | * |
| axis | m2026-le_firmware | * |
| axis | q2901-e_pt_mount_firmware | * |
| axis | p3364-ve_firmware | * |
| axis | m3044-wv_firmware | * |
| axis | p3224-lv_mk_ii_firmware | * |
| axis | q3708-pve_firmware | * |
| axis | p3353_firmware | * |
| axis | p5415-e_firmware | * |
| axis | p5624-e_firmware | * |
| axis | m3047-p_firmware | * |
| axis | c3003-e_firmware | * |
| axis | p3375-v_firmware | * |
| axis | q6155-e_firmware | * |
| axis | m3024-lve_firmware | * |
| axis | p1214-e_firmware | * |
| axis | p7214_firmware | * |
| axis | p3225-lv_firmware | * |
| axis | p1347-e_firmware | * |
| axis | p1355_firmware | * |
| axis | m5013_firmware | * |
| axis | q7401_firmware | * |
| axis | p3375-ve_firmware | * |
| axis | m3014_firmware | * |
| axis | a9188-v_firmware | * |
| axis | p3227-lve_firmware | * |
| axis | q6044-c_firmware | * |
| axis | p1347_firmware | * |
| axis | q1635-z_firmware | * |
| axis | p3915-r_mk_ii_firmware | * |
| axis | m3006-v_firmware | * |
| axis | p1245_firmware | * |
| axis | companion_recorder_4ch_firmware | * |
| axis | p3365-v_firmware | * |
| axis | p5515-e_firmware | * |
| axis | p1125-z_firmware | * |
| axis | p1354_firmware | * |
| axis | p5635-e_firmware | * |
| axis | p5414-e_firmware | * |
| axis | m5065_firmware | * |
| axis | m3005-v_firmware | * |
| axis | p3344-ve_firmware | * |
| axis | p1280_firmware | * |
| axis | p1368-e_firmware | * |
| axis | q1765-le_pt_mount_firmware | * |
| axis | m1014_firmware | * |
| axis | q6032-c_firmware | * |
| axis | q6045-e_mk_ii_firmware | * |
| axis | q1931-e_firmware | * |
| axis | p1353-e_firmware | * |
| axis | q8722-e_firmware | * |
| axis | p3346_firmware | * |
| axis | q6054-e_mk_ii_firmware | * |
| axis | q1765-le_firmware | * |
| axis | p3228-lv_firmware | * |
| axis | p8513_firmware | * |
An issue was discovered on AXIS P1354 (IP camera) Firmware version 5.90.1.1 devices. The upload web page doesn't verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, which is interpreted by the Apache HTTP Server mod_include module with "<!--#exec cmd=" support. The file needs to include a specific string to meet the internal system architecture. After the webshell upload, an attacker can use the webshell to perform remote code execution such as running a system command (ls, ping, cat /etc/passwd, etc.). NOTE: the vendor reportedly indicates that this is an intended feature or functionality
CVSS 2.0
Severity: HIGH
Problem Type: CWE-434,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | p1354_firmware | 5.90.1.1 |
An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. The upload web page doesn't verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, which is interpreted by the Apache HTTP Server mod_include module with "<!--#exec cmd=" support. The file needs to include a specific string to meet the internal system architecture. After the webshell upload, an attacker can use the webshell to perform remote code execution such as running a system command (ls, ping, cat /etc/passwd, etc.). NOTE: the vendor reportedly indicates that this is an intended feature or functionality
CVSS 2.0
Severity: HIGH
Problem Type: CWE-434,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | m1033-w_firmware | 5.40.5.1 |
An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. They don't employ a suitable mechanism to prevent a DoS attack, which leads to a response time delay. An attacker can use the hping3 tool to perform an IPv4 flood attack, and the services are interrupted from attack start to end.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | m1033-w_firmware | 5.40.5.1 |
User controlled parameters related to SMTP notifications are not correctly validated. This can lead to a buffer overflow resulting in crashes and data leakage.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H | 1.6 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-122,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os_2016 | * |
| axis | axis_os | * |
| axis | axis_os_2018 | * |
| axis | axis_os_2020 | * |
A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-1286,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os_2016 | * |
| axis | axis_os | * |
| axis | axis_os_2018 | * |
| axis | axis_os_2020 | * |
A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary SMTP headers in the generated test email.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-1286,CWE-74,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os_2016 | * |
| axis | axis_os | * |
| axis | axis_os_2018 | * |
| axis | axis_os_2020 | * |
A user with permission to log on to the machine hosting the AXIS Device Manager client could under certain conditions extract a memory dump from the built-in Windows Task Manager application. The memory dump may potentially contain credentials of connected Axis devices.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.6 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-316,CWE-312,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | device_manager | * |
AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working directory which could allow for remote code execution if a compromised DLL would be placed in the same folder.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-427,CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | ip_utility | * |
AXIS OS 11.0.X - 11.3.x use a static RSA key in legacy LUA-components to protect Axis-specific source code. The static RSA key is not used in any other secure communication nor can it be used to compromise the device or any customer data.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
Knud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network Intercoms when communicating over OSDP, highlighting that the OSDP message parser crashes the pacsiod process, causing a temporary unavailability of the door-controlling functionalities meaning that doors cannot be opened or closed. No sensitive or customer data can be extracted as the Axis device is not further compromised. Please refer to the Axis security advisory for more information, mitigation and affected products and software versions.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | a1610_(-b)_firmware | * |
| axis | axis_os | * |
| axis | a1601_firmware | * |
| axis | a1001_firmware | * |
| axis | a1210_(-b)_firmware | * |
Ariel Harush and Roy Hodir from OTORIO have found a flaw in the AXIS A1001 when communicating over OSDP. A heap-based buffer overflow was found in the pacsiod process which is handling the OSDP communication allowing to write outside of the allocated buffer. By appending invalid data to an OSDP message it was possible to write data beyond the heap allocated buffer. The data written outside the buffer could be used to execute arbitrary code. lease refer to the Axis security advisory for more information, mitigation and affected products and software versions.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 7.1 | HIGH | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H | 1.6 | 5.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | a1001_firmware | * |
A broken access control was found allowing for privileged escalation of the operator account to gain administrator privileges.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | license_plate_verifier | * |
Due to insufficient file permissions, unprivileged users could gain access to unencrypted user credentials that are used in the integration interface towards 3rd party systems.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | license_plate_verifier | * |
Due to insufficient file permissions, unprivileged users could gain access to unencrypted administrator credentials allowing the configuration of the application.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 8.4 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | license_plate_verifier | * |
User provided input is not sanitized on the AXIS License Plate Verifier specific “api.cgi” allowing for arbitrary code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | license_plate_verifier | * |
User provided input is not sanitized in the “Settings > Access Control” configuration interface allowing for arbitrary code execution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | license_plate_verifier | * |
User provided input is not sanitized on the AXIS License Plate Verifier specific “search.cgi” allowing for SQL injections.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | license_plate_verifier | * |
GoSecure on behalf of Genetec Inc. has found a flaw that allows for a remote code execution during the installation of ACAP applications on the Axis device. The application handling service in AXIS OS was vulnerable to command injection allowing an attacker to run arbitrary code. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
| product-security@axis.com | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 2.3 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
NCC Group has found a flaw during the annual internal penetration test ordered by Axis Communications. The protection for device tampering (commonly known as Secure Boot) contains a flaw which provides an opportunity for a sophisticated attack to bypass this protection. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 7.1 | HIGH | CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H | 0.5 | 6.0 |
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del.cgi is vulnerable to path traversal attacks that allows for file deletion. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H | 2.8 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os_2016 | * |
| axis | axis_os | * |
| axis | axis_os_2018 | * |
| axis | axis_os_2022 | * |
| axis | axis_os_2020 | * |
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API dynamicoverlay.cgi was vulnerable to a Denial-of-Service attack allowing for an attacker to block access to the overlay configuration page in the web interface of the Axis device. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account however the impact is equal. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
| product-security@axis.com | 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H | 2.8 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
| axis | axis_os_2022 | * |
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account. The impact of exploiting this vulnerability is lower with operator service accounts and limited to non-system files compared to administrator-privileges. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H | 2.8 | 4.2 |
| product-security@axis.com | 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H | 2.8 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
| axis | axis_os_2022 | * |
| axis | axis_os_2020 | * |
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API irissetup.cgi was vulnerable to path traversal attacks that allows for file deletion. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. The impact of exploiting this vulnerability is lower with operator service accounts and limited to non-system files compared to administrator-privileges. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H | 2.8 | 4.2 |
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H | 2.8 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
| axis | axis_os_2018 | * |
| axis | axis_os_2022 | * |
| axis | axis_os_2020 | * |
A Vulnerability was discovered in Axis 207W network camera. There is a reflected XSS vulnerability in the web administration portal, which allows an attacker to execute arbitrary JavaScript via URL.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | 207w_firmware | - |
During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the protection for device tampering (commonly known as Secure Boot) in AXIS OS making it vulnerable to a sophisticated attack to bypass this protection. To Axis' knowledge, there are no known exploits of the vulnerability at this time. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.8 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
| product-security@axis.com | 7.6 | HIGH | CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | 0.9 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
| axis | axis_os_2022 | * |
Brandon Rothel from QED Secure Solutions and Sam Hanson of Dragos have found that the VAPIX API tcptest.cgi did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. The impact of exploiting this vulnerability is lower with operator-privileges compared to administrator-privileges service accounts. Please refer to the Axis security advisory for more information and solution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
| product-security@axis.com | 6.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L | 2.8 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | p7216_firmware | * |
| axis | q7401_firmware | * |
| axis | q7414_firmware | * |
| axis | m7014_firmware | * |
| axis | m3025-ve_firmware | * |
| axis | m7016_firmware | * |
| axis | q7424-r_mk_ii_firmware | * |
| axis | m3024-lve_firmware | * |
| axis | p1214-e_firmware | * |
| axis | p7214_firmware | * |
| axis | q7404_firmware | * |
Vintage, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay.cgi did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
| product-security@axis.com | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L | 2.8 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
| axis | axis_os_2022 | * |
| axis | axis_os_2020 | * |
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX APIs mediaclip.cgi and playclip.cgi was vulnerable for file globbing which could lead to a resource exhaustion attack. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
| axis | axis_os_2022 | * |
Girishunawane, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API dynamicoverlay.cgi did not have a sufficient input validation allowing for a possible command injection leading to being able to transfer files to the Axis device with the purpose to exhaust system resources. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 3.5 | LOW | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N | 1.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
| axis | axis_os_2024 | * |
51l3nc3, a member of the AXIS OS Bug Bounty Program, has found that the VAPIX API uploadoverlayimage.cgi did not have sufficient input validation to allow an attacker to upload files to block access to create image overlays in the web interface of the Axis device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L | 2.8 | 1.4 |
| nvd@nist.gov | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
| axis | axis_os_2024 | * |
| axis | axis_os_2022 | * |
Amin Aliakbari, member of the AXIS OS Bug Bounty Program, has found a broken access control which would lead to less-privileged operator- and/or viewer accounts having more privileges than designed. The risk of exploitation is very low as it requires complex steps to execute, including knowing of account passwords and social engineering attacks in tricking the administrator to perform specific configurations on operator- and/or viewer-privileged accounts. Axis has released patched AXIS OS a version for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 6.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os_2024 | * |
Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible for an authenticated malicious client to tamper with audit log creation in AXIS Camera Station, or perform a Denial-of-Service attack on the AXIS Camera Station server using maliciously crafted audit log entries. Axis has released a patched version for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 6.3 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H | 2.1 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | camera_station_pro | * |
Erik de Jong, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API ftptest.cgi did not have a sufficient input validation allowing for a possible command injection leading to being able to transfer files from/to the Axis device. This flaw can only be exploited after authenticating with an administrator-privileged service account. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 3.8 | LOW | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L | 1.2 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
| axis | axis_os_2024 | * |
| axis | axis_os_2022 | * |
The VAPIX Device Configuration framework allowed a privilege escalation, enabling a lower-privileged user to gain administrator privileges.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 9.4 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L | 3.9 | 5.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
| axis | axis_os_2024 | * |
During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that allowed a privilege escalation, enabling a lower-privileged user to gain administrator privileges.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the ACAP Application framework that allowed applications to access restricted D-Bus methods within the framework. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 8.5 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L | 2.5 | 5.3 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
| axis | axis_os_2024 | * |
During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that could lead to an incorrect user privilege level in the VAPIX service account D-Bus API.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
| axis | axis_os_2024 | * |
During an annual penetration test conducted on behalf of Axis Communications, Truesec discovered a flaw in the VAPIX Device Configuration framework that allowed for unauthenticated username enumeration through the VAPIX Device Configuration SSH Management API.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
| product-security@axis.com | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 2.8 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
| axis | axis_os_2024 | * |
Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible for a non-admin user to remove system files causing a boot loop by redirecting a file deletion when recording video. Axis has released a patched version for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H | 1.5 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | camera_station_pro | * |
Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has identified an issue with a specific file that the server is using. A non-admin user can modify this file to either create files or change the content of files in an admin-protected location. Axis has released a patched version for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 6.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H | 1.8 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | camera_station_pro | * |
The VAPIX API mediaclip.cgi that did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 7.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H | 2.8 | 4.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
AXIS Camera Station Pro contained a flaw to perform a privilege escalation attack on the server as a non-admin user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | camera_station_pro | * |
An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 5.7 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 2.1 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | camera_station_pro | * |
An AXIS Camera Station Pro feature can be exploited in a way that allows a non-admin user to view information they are not permitted to.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 4.6 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N | 2.1 | 2.5 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | camera_station_pro | * |
A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script which is executed by the server. This attack is only possible if the admin uses a client that have been tampered with.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 4.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H | 0.9 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | camera_station_pro | * |
The communication protocol used between client and server had a flaw that could lead to an authenticated user performing a remote code execution attack.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 9.0 | CRITICAL | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.3 | 6.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | camera_station_pro | * |
| axis | device_manager | * |
| axis | camera_station | * |
The communication protocol used between client and server had a flaw that could be leveraged to execute a man in the middle attack.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 6.8 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N | 1.6 | 5.2 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | device_manager | * |
The communication protocol used between the server process and the service control had a flaw that could lead to a local privilege escalation.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | camera_station_pro | * |
| axis | device_manager | * |
The AXIS Camera Station Server had a flaw that allowed to bypass authentication that is normally required.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | camera_station_pro | * |
| axis | camera_station | * |
An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
ACAP applications can be executed with elevated privileges, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
A malicious ACAP application can gain access to admin-level service account credentials used by legitimate ACAP applications, leading to potential privilege escalation of the malicious ACAP application. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 6.6 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.7 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
An ACAP configuration file lacked sufficient input validation, which could allow a path traversal attack leading to potential privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 6.4 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.5 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
The ACAP Application framework could allow privilege escalation through a symlink attack. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 6.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H | 0.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
ACAP applications can gain elevated privileges due to improper input validation, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
An ACAP configuration file has improper permissions, which could allow command injection and potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |
During an internal security assessment, a Server-Side Request Forgery (SSRF) vulnerability that allowed an authenticated attacker to access internal resources on the server was discovered.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | camera_station_pro | * |
| axis | camera_station | * |
An ACAP configuration file has improper permissions and lacks input validation, which could potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| product-security@axis.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| axis | axis_os | * |