Vulnerabilites related to Axis Communications AB - AXIS OS
CVE-2023-21415 (GCVE-0-2023-21415)
Vulnerability from cvelistv5
Published
2023-10-16 06:24
Modified
2024-11-08 08:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-35 - Path Traversal
Summary
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del.cgi is vulnerable to path traversal attacks that allows for file deletion. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: AXIS OS 6.50 – 11.5 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:36:34.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.axis.com/dam/public/b6/55/e2/cve-2023-21415pdf-en-US-416245.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21415",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-16T19:55:38.666787Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T19:55:47.712Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "AXIS OS 6.50 \u2013 11.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del.cgi is vulnerable to path traversal attacks that allows for file deletion. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution. \u003cbr\u003e"
}
],
"value": "Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del.cgi is vulnerable to path traversal attacks that allows for file deletion. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35: Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T08:33:59.027Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/b6/55/e2/cve-2023-21415pdf-en-US-416245.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2023-21415",
"datePublished": "2023-10-16T06:24:13.381Z",
"dateReserved": "2022-11-04T18:30:01.767Z",
"dateUpdated": "2024-11-08T08:33:59.027Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5677 (GCVE-0-2023-5677)
Vulnerability from cvelistv5
Published
2024-02-05 05:20
Modified
2025-06-17 21:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
Brandon
Rothel from QED Secure Solutions and Sam Hanson of Dragos have found that the VAPIX API tcptest.cgi
did not have a sufficient input validation allowing for a possible remote code
execution. This flaw can only be exploited after authenticating with an
operator- or administrator-privileged service account. The impact of exploiting
this vulnerability is lower with operator-privileges compared to
administrator-privileges service accounts. Please refer to the Axis security advisory
for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: AXIS OS 5.51 Version: AXIS OS 6.50 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:07:32.550Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.axis.com/dam/public/a9/dd/f1/cve-2023-5677-en-US-424335.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5677",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-05T15:05:44.458179Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T21:29:24.839Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "AXIS OS 5.51"
},
{
"status": "affected",
"version": "AXIS OS 6.50"
}
]
}
],
"datePublic": "2024-02-05T05:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eBrandon\nRothel from QED Secure Solutions and Sam Hanson of Dragos have found that the VAPIX API \u003ci\u003etcptest.cgi\u003c/i\u003e\ndid not have a sufficient input validation allowing for a possible remote code\nexecution. This flaw can only be exploited after authenticating with an\noperator- or administrator-privileged service account. The impact of exploiting\nthis vulnerability is lower with operator-privileges compared to\nadministrator-privileges service accounts. Please refer to the Axis security advisory\nfor more information and solution. \u003c/p\u003e"
}
],
"value": "Brandon\nRothel from QED Secure Solutions and Sam Hanson of Dragos have found that the VAPIX API tcptest.cgi\ndid not have a sufficient input validation allowing for a possible remote code\nexecution. This flaw can only be exploited after authenticating with an\noperator- or administrator-privileged service account. The impact of exploiting\nthis vulnerability is lower with operator-privileges compared to\nadministrator-privileges service accounts. Please refer to the Axis security advisory\nfor more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-15T11:01:31.331Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/0a/47/d1/cve-2023-5677-en-US-483444.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2023-5677",
"datePublished": "2024-02-05T05:20:24.483Z",
"dateReserved": "2023-10-20T07:48:06.861Z",
"dateUpdated": "2025-06-17T21:29:24.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21416 (GCVE-0-2023-21416)
Vulnerability from cvelistv5
Published
2023-11-21 06:49
Modified
2025-06-11 14:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-35 - Path Traversal
Summary
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API dynamicoverlay.cgi was vulnerable to a Denial-of-Service attack allowing for an attacker to block access to the overlay configuration page in the web interface of the Axis device. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account however the impact is equal. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: AXIS OS 10.7 – 11.6 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:36:34.401Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.axis.com/dam/public/35/2a/a6/cve-2023-21416-en-US-417790.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21416",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-11T14:01:41.768388Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-11T14:02:06.638Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "AXIS OS 10.7 \u2013 11.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API \u003ci\u003edynamicoverlay.cgi\u003c/i\u003e was vulnerable to a Denial-of-Service attack allowing for an attacker to block access to the overlay configuration page in the web interface of the Axis device. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account however the impact is equal. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"value": "Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API dynamicoverlay.cgi was vulnerable to a Denial-of-Service attack allowing for an attacker to block access to the overlay configuration page in the web interface of the Axis device. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account however the impact is equal. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35: Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T08:34:51.225Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/35/2a/a6/cve-2023-21416-en-US-417790.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2023-21416",
"datePublished": "2023-11-21T06:49:12.027Z",
"dateReserved": "2022-11-04T18:30:01.767Z",
"dateUpdated": "2025-06-11T14:02:06.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31986 (GCVE-0-2021-31986)
Vulnerability from cvelistv5
Published
2021-10-05 21:45
Modified
2024-11-08 08:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
User controlled parameters related to SMTP notifications are not correctly validated. This can lead to a buffer overflow resulting in crashes and data leakage.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: AXIS OS 6.40 or later |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:10:31.417Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.axis.com/files/tech_notes/CVE-2021-31986.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "AXIS OS 6.40 or later"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUser controlled parameters related to SMTP notifications are not correctly validated. This can lead to a buffer overflow resulting in crashes and data leakage.\u003c/p\u003e"
}
],
"value": "User controlled parameters related to SMTP notifications are not correctly validated. This can lead to a buffer overflow resulting in crashes and data leakage."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T08:21:21.927Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.axis.com/files/tech_notes/CVE-2021-31986.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@axis.com",
"ID": "CVE-2021-31986",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AXIS OS",
"version": {
"version_data": [
{
"version_value": "AXIS OS 6.40 or later"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "User controlled parameters related to SMTP notifications are not correctly validated. This can lead to a buffer overflow resulting in crashes and data leakage."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer overflow, improper input validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/tech_notes/CVE-2021-31986.pdf",
"refsource": "MISC",
"url": "https://www.axis.com/files/tech_notes/CVE-2021-31986.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2021-31986",
"datePublished": "2021-10-05T21:45:24",
"dateReserved": "2021-04-30T00:00:00",
"dateUpdated": "2024-11-08T08:21:21.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6173 (GCVE-0-2024-6173)
Vulnerability from cvelistv5
Published
2024-09-10 05:03
Modified
2024-11-29 05:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1286 - Improper Validation of Syntactic Correctness of Input
Summary
51l3nc3, member of the AXIS OS Bug Bounty Program, has found that a Guard Tour VAPIX API parameter allowed the use of arbitrary values allowing for an attacker to block access to the guard tour configuration page in the web interface of the Axis device.
Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: 6.50 - 11.10 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6173",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T14:28:23.309803Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T13:35:50.246Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "6.50 - 11.10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "51l3nc3, member of the AXIS OS Bug Bounty Program, has found that a Guard Tour VAPIX API parameter allowed the use of arbitrary values allowing for an attacker to block access to the guard tour configuration page in the web interface of the Axis device. \nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.\n\n\n\n\u003cbr\u003e"
}
],
"value": "51l3nc3, member of the AXIS OS Bug Bounty Program, has found that a Guard Tour VAPIX API parameter allowed the use of arbitrary values allowing for an attacker to block access to the guard tour configuration page in the web interface of the Axis device. \nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1286",
"description": "CWE-1286: Improper Validation of Syntactic Correctness of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T05:33:10.464Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/5a/87/a2/cve-2024-6173-en-US-458042.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2024-6173",
"datePublished": "2024-09-10T05:03:35.854Z",
"dateReserved": "2024-06-19T19:16:21.128Z",
"dateUpdated": "2024-11-29T05:33:10.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21417 (GCVE-0-2023-21417)
Vulnerability from cvelistv5
Published
2023-11-21 06:53
Modified
2025-06-11 13:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-35 - Path Traversal
Summary
Sandro Poppi, member of the AXIS OS Bug Bounty Program,
has found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account. The impact of exploiting this vulnerability is lower with operator service accounts and limited to non-system files compared to administrator-privileges.
Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: AXIS OS 8.50 – 11.6 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:36:34.511Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.axis.com/dam/public/2a/82/12/cve-2023-21417-en-US-417791.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21417",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T20:39:36.013734Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-11T13:59:30.672Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "AXIS OS 8.50 \u2013 11.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sandro Poppi, member of the AXIS OS Bug Bounty Program,\n\nhas found that the VAPIX API \u003ci\u003emanageoverlayimage.cgi\u003c/i\u003e was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account. The impact of exploiting this vulnerability is lower with operator service accounts and limited to non-system files compared to administrator-privileges.\n Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"value": "Sandro Poppi, member of the AXIS OS Bug Bounty Program,\n\nhas found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account. The impact of exploiting this vulnerability is lower with operator service accounts and limited to non-system files compared to administrator-privileges.\n Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35: Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T08:27:01.130Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/2a/82/12/cve-2023-21417-en-US-417791.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2023-21417",
"datePublished": "2023-11-21T06:53:06.158Z",
"dateReserved": "2022-11-04T18:30:01.768Z",
"dateUpdated": "2025-06-11T13:59:30.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31987 (GCVE-0-2021-31987)
Vulnerability from cvelistv5
Published
2021-10-05 21:46
Modified
2024-11-08 08:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1286 - Improper Validation of Syntactic Correctness of Input
Summary
A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: AXIS OS 5.51 or later |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:10:31.317Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.axis.com/files/tech_notes/CVE-2021-31987.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "AXIS OS 5.51 or later"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients.\u003c/p\u003e"
}
],
"value": "A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1286",
"description": "CWE-1286: Improper Validation of Syntactic Correctness of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T08:20:22.238Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.axis.com/files/tech_notes/CVE-2021-31987.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@axis.com",
"ID": "CVE-2021-31987",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AXIS OS",
"version": {
"version_data": [
{
"version_value": "AXIS OS 5.51 or later"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper input validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/tech_notes/CVE-2021-31987.pdf",
"refsource": "MISC",
"url": "https://www.axis.com/files/tech_notes/CVE-2021-31987.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2021-31987",
"datePublished": "2021-10-05T21:46:45",
"dateReserved": "2021-04-30T00:00:00",
"dateUpdated": "2024-11-08T08:20:22.238Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47262 (GCVE-0-2024-47262)
Vulnerability from cvelistv5
Published
2025-03-04 05:19
Modified
2025-03-28 07:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1287 - Improper Validation of Specified Type of Input
Summary
Dzmitry Lukyanenka, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API param.cgi was vulnerable to a race condition attack allowing for an attacker to block access to the web interface of the Axis device. Other API endpoints or services not making use of param.cgi are not affected.
Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: 6.50.0 ≤ Version: 7.0.0 ≤ Version: 9.0.0 ≤ Version: 10.0.0 ≤ Version: 11.0.0 ≤ Version: 12.0.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47262",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-04T15:25:28.866591Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T16:08:43.647Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"lessThan": "6.50.5.19",
"status": "affected",
"version": "6.50.0",
"versionType": "semver"
},
{
"lessThan": "8.40.66",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThan": "9.80.90",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
},
{
"lessThan": "10.12.270",
"status": "affected",
"version": "10.0.0",
"versionType": "semver"
},
{
"lessThan": "11.11.127",
"status": "affected",
"version": "11.0.0",
"versionType": "semver"
},
{
"lessThan": "12.3.4",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dzmitry Lukyanenka, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API param.cgi was vulnerable to a race condition attack allowing for an attacker to block access to the web interface of the Axis device. Other API endpoints or services not making use of param.cgi are not affected. \nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.\n\n\n\n\n\n\u003cbr\u003e"
}
],
"value": "Dzmitry Lukyanenka, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API param.cgi was vulnerable to a race condition attack allowing for an attacker to block access to the web interface of the Axis device. Other API endpoints or services not making use of param.cgi are not affected. \nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1287",
"description": "CWE-1287: Improper Validation of Specified Type of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T07:11:08.168Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/a3/18/6e/cve-2024-47262pdf-en-US-466884.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2024-47262",
"datePublished": "2025-03-04T05:19:09.007Z",
"dateReserved": "2024-09-23T16:37:50.256Z",
"dateUpdated": "2025-03-28T07:11:08.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0325 (GCVE-0-2025-0325)
Vulnerability from cvelistv5
Published
2025-06-02 07:36
Modified
2025-06-02 13:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A Guard Tour VAPIX API parameter allowed the use of arbitrary values and can be incorrectly called, allowing an attacker to block access to the guard tour configuration page in the web interface of the Axis device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: 6.50.0 ≤ Version: 7.0.0 ≤ Version: 9.0.0 ≤ Version: 10.0.0 ≤ Version: 11.0.0 ≤ Version: 12.0.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0325",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-02T13:21:58.179166Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T13:25:19.277Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"lessThan": "6.50.5.21",
"status": "affected",
"version": "6.50.0",
"versionType": "semver"
},
{
"lessThan": "8.40.74",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThan": "9.80.100",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
},
{
"lessThan": "10.12.278",
"status": "affected",
"version": "10.0.0",
"versionType": "semver"
},
{
"lessThan": "11.11.142",
"status": "affected",
"version": "11.0.0",
"versionType": "semver"
},
{
"lessThan": "12.4.28",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "51l3nc3"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Guard Tour VAPIX API parameter allowed the use of arbitrary values and can be incorrectly called, allowing an attacker\u0026nbsp;to block access to the guard tour configuration page in the web interface of the Axis device."
}
],
"value": "A Guard Tour VAPIX API parameter allowed the use of arbitrary values and can be incorrectly called, allowing an attacker\u00a0to block access to the guard tour configuration page in the web interface of the Axis device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1287",
"description": "CWE-1287: Improper Validation of Specified Type of Input",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-628",
"description": "CWE-628: Function Call with Incorrectly Specified Arguments",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T07:36:55.800Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/d0/ae/fe/cve-2025-0325pdf-en-US-483808.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2025-0325",
"datePublished": "2025-06-02T07:36:55.800Z",
"dateReserved": "2025-01-08T09:38:51.961Z",
"dateUpdated": "2025-06-02T13:25:19.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5553 (GCVE-0-2023-5553)
Vulnerability from cvelistv5
Published
2023-11-21 06:59
Modified
2025-06-10 14:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-863 - Incorrect Authorization
Summary
During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the protection for device tampering (commonly known as Secure Boot) in AXIS OS making it vulnerable to a sophisticated attack to bypass this protection. To Axis' knowledge, there are no known exploits of the vulnerability at this time. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: AXIS OS 10.8 - 11.6 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.904Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.axis.com/dam/public/0a/66/25/cve-2023-5553-en-US-417789.pdf"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:axis:axis_os:*:*:*:*:-:*:*:*"
],
"defaultStatus": "unknown",
"product": "axis_os",
"vendor": "axis",
"versions": [
{
"lessThanOrEqual": "11.6",
"status": "affected",
"version": "10.8",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5553",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-10T14:00:11.680274Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-10T14:00:37.202Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"ARTPEC 8"
],
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "AXIS OS 10.8 - 11.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the protection for device tampering (commonly known as Secure Boot) in AXIS OS making it vulnerable to a sophisticated attack to bypass this protection. To Axis\u0027 knowledge, there are no known exploits of the vulnerability at this time. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"value": "During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the protection for device tampering (commonly known as Secure Boot) in AXIS OS making it vulnerable to a sophisticated attack to bypass this protection. To Axis\u0027 knowledge, there are no known exploits of the vulnerability at this time. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T08:25:35.388Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/0a/66/25/cve-2023-5553-en-US-417789.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2023-5553",
"datePublished": "2023-11-21T06:59:42.711Z",
"dateReserved": "2023-10-12T07:06:14.462Z",
"dateUpdated": "2025-06-10T14:00:37.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0066 (GCVE-0-2024-0066)
Vulnerability from cvelistv5
Published
2024-06-18 06:10
Modified
2024-11-08 08:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Summary
Johan Fagerström, member of the AXIS OS Bug Bounty Program, has found that a O3C feature may expose sensitive traffic between the client (Axis device) and (O3C) server. If O3C is not being used this flaw does not apply.
Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: AXIS OS 5.51 -11.9 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:axis:axis_os_2020:*:*:*:*:lts:*:*:*"
],
"defaultStatus": "unaffected",
"product": "axis_os_2020",
"vendor": "axis",
"versions": [
{
"lessThan": "9.80.69",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:axis:axis_os_2022:-:*:*:*:lts:*:*:*"
],
"defaultStatus": "unaffected",
"product": "axis_os_2022",
"vendor": "axis",
"versions": [
{
"lessThan": "10.12.236",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:axis:axis_os:5.51:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "axis_os",
"vendor": "axis",
"versions": [
{
"lessThanOrEqual": "11.9",
"status": "affected",
"version": "5.51",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0066",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T19:00:56.546715Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T20:01:45.648Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:15.624Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.axis.com/dam/public/03/49/2c/cve-2024-0066-en-US-442553.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "AXIS OS 5.51 -11.9"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Johan Fagerstr\u00f6m, member of the AXIS OS Bug Bounty Program, has found that a O3C feature may expose sensitive traffic between the client (Axis device) and (O3C) server. If O3C is not being used this flaw does not apply. \nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"value": "Johan Fagerstr\u00f6m, member of the AXIS OS Bug Bounty Program, has found that a O3C feature may expose sensitive traffic between the client (Axis device) and (O3C) server. If O3C is not being used this flaw does not apply. \nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319: Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T08:50:35.312Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/03/49/2c/cve-2024-0066-en-US-442553.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2024-0066",
"datePublished": "2024-06-18T06:10:25.800Z",
"dateReserved": "2023-11-22T19:14:29.296Z",
"dateUpdated": "2024-11-08T08:50:35.312Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21414 (GCVE-0-2023-21414)
Vulnerability from cvelistv5
Published
2023-10-16 06:18
Modified
2024-11-08 08:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
NCC Group has found a flaw during the annual internal penetration test ordered by Axis Communications. The protection for device tampering (commonly known as Secure Boot) contains a flaw which provides an opportunity for a sophisticated attack to bypass this protection. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Axis Communications AB | AXIS OS |
Version: AXIS OS 10.11 - 11.5 |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:36:34.410Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.axis.com/dam/public/45/3c/a1/cve-2023-21414pdf-en-US-412758.pdf"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:axis:axis_os:*:*:*:*:-:*:*:*"
],
"defaultStatus": "unknown",
"product": "axis_os",
"vendor": "axis",
"versions": [
{
"lessThanOrEqual": "11.5",
"status": "affected",
"version": "10.11",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:axis:a8207-ve_mk_ii:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "a8207-ve_mk_ii",
"vendor": "axis",
"versions": [
{
"lessThan": "11.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:axis:q3527-lve:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "q3527-lve",
"vendor": "axis",
"versions": [
{
"lessThanOrEqual": "11.5",
"status": "affected",
"version": "10.11",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21414",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-16T17:32:46.140128Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T17:42:45.182Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"ARTPEC 8"
],
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "AXIS OS 10.11 - 11.5"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AXIS A8207-VE Mk II",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "AXIS OS 11.5 or earlier"
}
]
},
{
"defaultStatus": "unaffected",
"product": "AXIS Q3527-LVE",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "AXIS OS 10.11 - 11.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "NCC Group has found a flaw during the annual internal penetration test ordered by Axis Communications. The protection for device tampering (commonly known as Secure Boot) contains a flaw which provides an opportunity for a sophisticated attack to bypass this protection. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"value": "NCC Group has found a flaw during the annual internal penetration test ordered by Axis Communications. The protection for device tampering (commonly known as Secure Boot) contains a flaw which provides an opportunity for a sophisticated attack to bypass this protection. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T08:32:47.057Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/45/3c/a1/cve-2023-21414pdf-en-US-412758.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2023-21414",
"datePublished": "2023-10-16T06:18:06.428Z",
"dateReserved": "2022-11-04T18:30:01.767Z",
"dateUpdated": "2024-11-08T08:32:47.057Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47260 (GCVE-0-2024-47260)
Vulnerability from cvelistv5
Published
2025-03-04 05:17
Modified
2025-03-28 07:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-641 - Improper Restriction of Names for Files and Other Resources
Summary
51l3nc3, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API mediaclip.cgi did not have a sufficient input validation allowing for uploading more audio clips then designed resulting in the Axis device running out of memory.
Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: 9.80.0 ≤ Version: 10.0.0 ≤ Version: 11.0.0 ≤ Version: 12.0.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47260",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-04T15:18:24.401019Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T16:08:50.015Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"lessThan": "9.80.89",
"status": "affected",
"version": "9.80.0",
"versionType": "semver"
},
{
"lessThan": "10.12.270",
"status": "affected",
"version": "10.0.0",
"versionType": "semver"
},
{
"lessThan": "11.11.135",
"status": "affected",
"version": "11.0.0",
"versionType": "semver"
},
{
"lessThan": "12.3.1",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "51l3nc3, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API mediaclip.cgi did not have a sufficient input validation allowing for uploading more audio clips then designed resulting in the Axis device running out of memory.\u0026nbsp;\nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"value": "51l3nc3, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API mediaclip.cgi did not have a sufficient input validation allowing for uploading more audio clips then designed resulting in the Axis device running out of memory.\u00a0\nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-641",
"description": "CWE-641: Improper Restriction of Names for Files and Other Resources",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T07:13:48.640Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/1d/d3/ef/cve-2024-47260pdf-en-US-466883.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2024-47260",
"datePublished": "2025-03-04T05:17:35.063Z",
"dateReserved": "2024-09-23T16:37:50.255Z",
"dateUpdated": "2025-03-28T07:13:48.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21404 (GCVE-0-2023-21404)
Vulnerability from cvelistv5
Published
2023-05-08 00:00
Modified
2025-01-29 16:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Summary
AXIS OS 11.0.X - 11.3.x use a static RSA key in legacy LUA-components to protect Axis-specific source code. The static RSA key is not used in any other secure communication nor can it be used to compromise the device or any customer data.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: AXIS OS 11.0.X - 11.3.x |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:36:34.436Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.axis.com/dam/public/07/0a/20/cve-2023-21404-en-US-398426.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-21404",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T16:11:58.437819Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-29T16:13:31.188Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "AXIS OS 11.0.X - 11.3.x"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAXIS OS 11.0.X - 11.3.x use a static RSA key in legacy LUA-components to protect Axis-specific source code. The static RSA key is not used in any other secure communication nor can it be used to compromise the device or any customer data.\u003c/p\u003e"
}
],
"value": "AXIS OS 11.0.X - 11.3.x use a static RSA key in legacy LUA-components to protect Axis-specific source code. The static RSA key is not used in any other secure communication nor can it be used to compromise the device or any customer data."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321: Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T08:36:05.324Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/07/0a/20/cve-2023-21404-en-US-398426.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2023-21404",
"datePublished": "2023-05-08T00:00:00.000Z",
"dateReserved": "2022-11-04T00:00:00.000Z",
"dateUpdated": "2025-01-29T16:13:31.188Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8160 (GCVE-0-2024-8160)
Vulnerability from cvelistv5
Published
2024-11-26 07:27
Modified
2025-03-28 07:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1286 - Improper Validation of Syntactic Correctness of Input
Summary
Erik de Jong, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API ftptest.cgi did not have a sufficient input validation allowing for a possible command injection leading to being able to transfer files from/to the Axis device. This flaw can only be exploited after authenticating with an administrator-privileged service account.
Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: 10.9.0 ≤ Version: 12.0.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8160",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T14:03:54.135932Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T14:09:25.517Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"lessThan": "10.12.257",
"status": "affected",
"version": "10.9.0",
"versionType": "semver"
},
{
"lessThan": "11.11.116",
"status": "unaffected",
"version": "11.0.0",
"versionType": "semver"
},
{
"lessThan": "12.1.21",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Erik de Jong, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API \u003ci\u003eftptest.cgi\u003c/i\u003e did not have a sufficient input validation allowing for a possible command injection leading to being able to transfer files from/to the Axis device. This flaw can only be exploited after authenticating with an administrator-privileged service account. \nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.\n\n\u003cbr\u003e"
}
],
"value": "Erik de Jong, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API ftptest.cgi did not have a sufficient input validation allowing for a possible command injection leading to being able to transfer files from/to the Axis device. This flaw can only be exploited after authenticating with an administrator-privileged service account. \nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1286",
"description": "CWE-1286: Improper Validation of Syntactic Correctness of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T07:18:14.700Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/permalink/231071/cve-2024-8160pdf-en-US_InternalID-231071.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2024-8160",
"datePublished": "2024-11-26T07:27:32.229Z",
"dateReserved": "2024-08-26T06:30:37.790Z",
"dateUpdated": "2025-03-28T07:18:14.700Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21418 (GCVE-0-2023-21418)
Vulnerability from cvelistv5
Published
2023-11-21 06:56
Modified
2025-06-11 13:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-35 - Path Traversal
Summary
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API irissetup.cgi was vulnerable to path traversal attacks that allows for file deletion. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. The impact of exploiting this vulnerability is lower with operator service accounts and limited to non-system files compared to administrator-privileges. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: AXIS OS 6.50 – 11.6 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:36:34.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.axis.com/dam/public/49/93/55/cve-2023-21418-en-US-417792.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21418",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-11T13:58:09.982467Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-11T13:58:29.097Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "AXIS OS 6.50 \u2013 11.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API \u003ci\u003eirissetup.cgi\u003c/i\u003e was vulnerable to path traversal attacks that allows for file deletion. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. The impact of exploiting this vulnerability is lower with operator service accounts and limited to non-system files compared to administrator-privileges. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"value": "Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API irissetup.cgi was vulnerable to path traversal attacks that allows for file deletion. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. The impact of exploiting this vulnerability is lower with operator service accounts and limited to non-system files compared to administrator-privileges. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35: Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T08:28:02.321Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/49/93/55/cve-2023-21418-en-US-417792.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2023-21418",
"datePublished": "2023-11-21T06:56:09.221Z",
"dateReserved": "2022-11-04T18:30:01.768Z",
"dateUpdated": "2025-06-11T13:58:29.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0054 (GCVE-0-2024-0054)
Vulnerability from cvelistv5
Published
2024-03-19 06:35
Modified
2024-11-08 08:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-155 - Improper Neutralization of Wildcards or Matching Symbols
Summary
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX APIs local_list.cgi, create_overlay.cgi and irissetup.cgi was vulnerable for file globbing which could lead to a resource exhaustion attack. Axis has released patched AXIS OS
versions for the highlighted flaw. Please refer to the Axis security advisory
for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: AXIS OS 6.50 - 11.8 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:15.908Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.axis.com/dam/public/76/f3/1d/cve-2024-0054-en-US-432116.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0054",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-02T15:12:31.034533Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-02T15:12:50.713Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "AXIS OS 6.50 - 11.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eSandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX APIs \u003ci\u003elocal_list.cgi\u003c/i\u003e, \u003ci\u003ecreate_overlay.cgi\u003c/i\u003e and \u003ci\u003eirissetup.cgi\u003c/i\u003e\u0026nbsp;was vulnerable for file globbing which could lead to a resource exhaustion attack. Axis has released patched AXIS OS\nversions for the highlighted flaw. Please refer to the Axis security advisory\nfor more information and solution.\n\n\u003c/div\u003e"
}
],
"value": "Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX APIs local_list.cgi, create_overlay.cgi and irissetup.cgi\u00a0was vulnerable for file globbing which could lead to a resource exhaustion attack. Axis has released patched AXIS OS\nversions for the highlighted flaw. Please refer to the Axis security advisory\nfor more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-155",
"description": "CWE-155: Improper Neutralization of Wildcards or Matching Symbols",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T08:51:53.794Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/76/f3/1d/cve-2024-0054-en-US-432116.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2024-0054",
"datePublished": "2024-03-19T06:35:15.078Z",
"dateReserved": "2023-11-21T07:10:24.938Z",
"dateUpdated": "2024-11-08T08:51:53.794Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6979 (GCVE-0-2024-6979)
Vulnerability from cvelistv5
Published
2024-09-10 05:07
Modified
2025-03-28 07:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-863 - Incorrect Authorization
Summary
Amin Aliakbari, member of the AXIS OS Bug Bounty Program, has found a broken access control which would lead to less-privileged operator- and/or viewer accounts having more privileges than designed. The risk of exploitation is very low as it requires complex steps to execute, including knowing of account passwords and social engineering attacks in tricking the administrator to perform specific configurations on operator- and/or viewer-privileged accounts.
Axis has released patched AXIS OS a version for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: 11.11.0 ≤ |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:axis:axis_os:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "axis_os",
"vendor": "axis",
"versions": [
{
"status": "affected",
"version": "11.11"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6979",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T18:16:30.463718Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T18:26:23.250Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"lessThan": "11.11.94",
"status": "affected",
"version": "11.11.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Amin Aliakbari, member of the AXIS OS Bug Bounty Program, has found a broken access control which would lead to less-privileged operator- and/or viewer accounts having more privileges than designed. The risk of exploitation is very low as it requires complex steps to execute, including knowing of account passwords and social engineering attacks in tricking the administrator to perform specific configurations on operator- and/or viewer-privileged accounts. \nAxis has released patched AXIS OS a version for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.\n\n\n\n\u003cbr\u003e"
}
],
"value": "Amin Aliakbari, member of the AXIS OS Bug Bounty Program, has found a broken access control which would lead to less-privileged operator- and/or viewer accounts having more privileges than designed. The risk of exploitation is very low as it requires complex steps to execute, including knowing of account passwords and social engineering attacks in tricking the administrator to perform specific configurations on operator- and/or viewer-privileged accounts. \nAxis has released patched AXIS OS a version for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T07:24:34.043Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/c3/44/5b/cve-2024-6979-en-US-448997.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2024-6979",
"datePublished": "2024-09-10T05:07:42.554Z",
"dateReserved": "2024-07-22T11:34:26.029Z",
"dateUpdated": "2025-03-28T07:24:34.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5800 (GCVE-0-2023-5800)
Vulnerability from cvelistv5
Published
2024-02-05 05:20
Modified
2025-06-17 21:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-35 - Path Traversal
Summary
Vintage,
member of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay.cgi
did not have a sufficient input validation allowing for a possible remote code
execution. This flaw can only be exploited after authenticating with an
operator- or administrator-privileged service account. Axis has released patched AXIS OS
versions for the highlighted flaw. Please refer to the Axis security advisory
for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: AXIS OS 11.8, 10.12, 9.80, 8.40, 6.50 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:14:24.007Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.axis.com/dam/public/89/d9/99/cve-2023-5800-en-US-424339.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5800",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-13T19:55:33.675031Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T21:29:24.981Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "AXIS OS 11.8, 10.12, 9.80, 8.40, 6.50"
}
]
}
],
"datePublic": "2024-02-05T05:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eVintage,\nmember of the AXIS OS Bug Bounty Program, has found that the VAPIX API \u003ci\u003ecreate_overlay.cgi\u003c/i\u003e\ndid not have a sufficient input validation allowing for a possible remote code\nexecution. This flaw can only be exploited after authenticating with an\noperator- or administrator-privileged service account. Axis has released patched AXIS OS\nversions for the highlighted flaw. Please refer to the Axis security advisory\nfor more information and solution.\u003c/p\u003e"
}
],
"value": "Vintage,\nmember of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay.cgi\ndid not have a sufficient input validation allowing for a possible remote code\nexecution. This flaw can only be exploited after authenticating with an\noperator- or administrator-privileged service account. Axis has released patched AXIS OS\nversions for the highlighted flaw. Please refer to the Axis security advisory\nfor more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35: Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T08:22:51.675Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/89/d9/99/cve-2023-5800-en-US-424339.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insufficient input validation in VAPIX API create_overlay.cgi",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2023-5800",
"datePublished": "2024-02-05T05:20:38.668Z",
"dateReserved": "2023-10-26T10:41:05.983Z",
"dateUpdated": "2025-06-17T21:29:24.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31988 (GCVE-0-2021-31988)
Vulnerability from cvelistv5
Published
2021-10-05 21:48
Modified
2024-11-08 08:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1286 - Improper Validation of Syntactic Correctness of Input
Summary
A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary SMTP headers in the generated test email.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: AXIS OS 5.51 or later |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:10:31.517Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.axis.com/files/tech_notes/CVE-2021-31988.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "AXIS OS 5.51 or later"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary SMTP headers in the generated test email.\u003c/p\u003e"
}
],
"value": "A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary SMTP headers in the generated test email."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1286",
"description": "CWE-1286: Improper Validation of Syntactic Correctness of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T08:20:43.807Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.axis.com/files/tech_notes/CVE-2021-31988.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@axis.com",
"ID": "CVE-2021-31988",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AXIS OS",
"version": {
"version_data": [
{
"version_value": "AXIS OS 5.51 or later"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary SMTP headers in the generated test email."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper input validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/tech_notes/CVE-2021-31988.pdf",
"refsource": "MISC",
"url": "https://www.axis.com/files/tech_notes/CVE-2021-31988.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2021-31988",
"datePublished": "2021-10-05T21:48:03",
"dateReserved": "2021-04-30T00:00:00",
"dateUpdated": "2024-11-08T08:20:43.807Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0361 (GCVE-0-2025-0361)
Vulnerability from cvelistv5
Published
2025-04-08 05:38
Modified
2025-04-08 14:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-203 - Observable Discrepancy
Summary
During an annual penetration test conducted on behalf of Axis Communications, Truesec discovered a flaw in the VAPIX Device Configuration framework that allowed for unauthenticated username enumeration through the VAPIX Device Configuration SSH Management API.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: 11.11.0 ≤ Version: 12.0.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0361",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T13:15:19.203931Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T14:50:47.286Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"lessThan": "11.11.141",
"status": "affected",
"version": "11.11.0",
"versionType": "semver"
},
{
"lessThan": "12.3.56",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "During an annual penetration test conducted on behalf of Axis Communications, Truesec discovered a flaw in the VAPIX Device Configuration framework that allowed for unauthenticated username enumeration through the VAPIX Device Configuration SSH Management API."
}
],
"value": "During an annual penetration test conducted on behalf of Axis Communications, Truesec discovered a flaw in the VAPIX Device Configuration framework that allowed for unauthenticated username enumeration through the VAPIX Device Configuration SSH Management API."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203: Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T05:38:02.631Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/f4/9b/13/cve-2025-0361pdf-en-US-474511.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2025-0361",
"datePublished": "2025-04-08T05:38:02.631Z",
"dateReserved": "2025-01-09T08:02:54.458Z",
"dateUpdated": "2025-04-08T14:50:47.286Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0360 (GCVE-0-2025-0360)
Vulnerability from cvelistv5
Published
2025-03-04 05:24
Modified
2025-03-26 12:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-863 - Incorrect Authorization
Summary
During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that could lead to an incorrect user privilege level in the VAPIX service account D-Bus API.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: 11.11.0 ≤ Version: 12.0.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0360",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-04T15:24:36.501277Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T16:08:31.725Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"lessThan": "11.11.135",
"status": "affected",
"version": "11.11.0",
"versionType": "semver"
},
{
"lessThan": "12.2.41",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that could lead to an incorrect user privilege level in the VAPIX service account D-Bus API."
}
],
"value": "During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that could lead to an incorrect user privilege level in the VAPIX service account D-Bus API."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-26T12:09:06.856Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/b1/fe/46/cve-2025-0360pdf-en-US-466887.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2025-0360",
"datePublished": "2025-03-04T05:24:00.720Z",
"dateReserved": "2025-01-09T08:02:46.361Z",
"dateUpdated": "2025-03-26T12:09:06.856Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0055 (GCVE-0-2024-0055)
Vulnerability from cvelistv5
Published
2024-03-19 06:39
Modified
2024-11-08 08:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-155 - Improper Neutralization of Wildcards or Matching Symbols
Summary
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX APIs mediaclip.cgi and playclip.cgi was vulnerable for file globbing which could lead to a resource exhaustion attack. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: AXIS OS 10.12 - 11.8 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0055",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-19T12:53:50.585876Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-20T21:07:59.605Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:15.916Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.axis.com/dam/public/c4/00/c5/cve-2024-0055-en-US-432117.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "AXIS OS 10.12 - 11.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX APIs \u003ci\u003emediaclip.cgi\u003c/i\u003e and \u003ci\u003eplayclip.cgi\u003c/i\u003e was vulnerable for file globbing which could lead to a resource exhaustion attack. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.\u003cbr\u003e"
}
],
"value": "Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX APIs mediaclip.cgi and playclip.cgi was vulnerable for file globbing which could lead to a resource exhaustion attack. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-155",
"description": "CWE-155: Improper Neutralization of Wildcards or Matching Symbols",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T08:51:23.936Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/c4/00/c5/cve-2024-0055-en-US-432117.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2024-0055",
"datePublished": "2024-03-19T06:39:24.100Z",
"dateReserved": "2023-11-21T07:10:29.057Z",
"dateUpdated": "2024-11-08T08:51:23.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47261 (GCVE-0-2024-47261)
Vulnerability from cvelistv5
Published
2025-04-08 05:33
Modified
2025-04-08 14:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1287 - Improper Validation of Specified Type of Input
Summary
51l3nc3, a member of the AXIS OS Bug Bounty Program, has found that the VAPIX API uploadoverlayimage.cgi did not have sufficient input validation to allow an attacker to upload files to block access to create image overlays in the web interface of the Axis device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: 10.12.0 ≤ Version: 11.0.0 ≤ Version: 12.0.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47261",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-08T13:15:26.591752Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T14:50:58.877Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"lessThan": "10.12.276",
"status": "affected",
"version": "10.12.0",
"versionType": "semver"
},
{
"lessThan": "11.11.141",
"status": "affected",
"version": "11.0.0",
"versionType": "semver"
},
{
"lessThan": "12.3.56",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "51l3nc3, a member of the AXIS OS Bug Bounty Program, has found that the VAPIX API \u003ci\u003euploadoverlayimage.cgi\u003c/i\u003e did not have sufficient input validation to allow an attacker to upload files to block access to create image overlays in the web interface of the Axis device. \u003cbr\u003e"
}
],
"value": "51l3nc3, a member of the AXIS OS Bug Bounty Program, has found that the VAPIX API uploadoverlayimage.cgi did not have sufficient input validation to allow an attacker to upload files to block access to create image overlays in the web interface of the Axis device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1287",
"description": "CWE-1287: Improper Validation of Specified Type of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T05:33:58.782Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/18/c5/b2/cve-2024-47261pdf-en-US-474505.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2024-47261",
"datePublished": "2025-04-08T05:33:58.782Z",
"dateReserved": "2024-09-23T16:37:50.255Z",
"dateUpdated": "2025-04-08T14:50:58.877Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0324 (GCVE-0-2025-0324)
Vulnerability from cvelistv5
Published
2025-06-02 07:32
Modified
2025-06-02 13:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-791 - Incomplete Filtering of Special Elements
Summary
The VAPIX Device Configuration framework allowed a privilege escalation, enabling a lower-privileged user to gain administrator privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: 11.8.0 ≤ Version: 12.0.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0324",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-02T13:26:08.831056Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T13:26:30.431Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"lessThan": "11.11.140",
"status": "affected",
"version": "11.8.0",
"versionType": "semver"
},
{
"lessThan": "12.3.33",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Malacupa"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The VAPIX Device Configuration framework allowed a privilege escalation, enabling a lower-privileged user to gain\u0026nbsp;administrator privileges."
}
],
"value": "The VAPIX Device Configuration framework allowed a privilege escalation, enabling a lower-privileged user to gain\u00a0administrator privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-791",
"description": "CWE-791: Incomplete Filtering of Special Elements",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T07:32:56.772Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/04/f3/1c/cve-2025-0324pdf-en-US-483807.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2025-0324",
"datePublished": "2025-06-02T07:32:56.772Z",
"dateReserved": "2025-01-08T07:53:56.487Z",
"dateUpdated": "2025-06-02T13:26:30.431Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6509 (GCVE-0-2024-6509)
Vulnerability from cvelistv5
Published
2024-09-10 04:58
Modified
2025-03-28 07:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-155 - Improper Neutralization of Wildcards or Matching Symbols
Summary
Marinus Pfund, member of the AXIS OS Bug Bounty Program,
has found the VAPIX API alwaysmulti.cgi was vulnerable for file globbing which could lead to resource exhaustion of the Axis device.
Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: 6.50.0 ≤ Version: 7.0.0 ≤ Version: 9.0.0 ≤ Version: 10.0.0 ≤ Version: 11.0.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6509",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T14:28:40.370380Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T13:38:10.177Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"lessThan": "6.50.5.19",
"status": "affected",
"version": "6.50.0",
"versionType": "semver"
},
{
"lessThan": "8.40.59",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThan": "9.80.78",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
},
{
"lessThan": "10.12.249",
"status": "affected",
"version": "10.0.0",
"versionType": "semver"
},
{
"lessThan": "11.11.93",
"status": "affected",
"version": "11.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Marinus Pfund, member of the AXIS OS Bug Bounty Program, \nhas found the VAPIX API \u003ci\u003ealwaysmulti.cgi\u003c/i\u003e was vulnerable for file globbing which could lead to resource exhaustion of the Axis device. \nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.\n\n\u003cbr\u003e"
}
],
"value": "Marinus Pfund, member of the AXIS OS Bug Bounty Program, \nhas found the VAPIX API alwaysmulti.cgi was vulnerable for file globbing which could lead to resource exhaustion of the Axis device. \nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-155",
"description": "CWE-155: Improper Neutralization of Wildcards or Matching Symbols",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T07:27:30.180Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/f6/c6/f5/cve-2024-6509-en-US-458043.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2024-6509",
"datePublished": "2024-09-10T04:58:28.559Z",
"dateReserved": "2024-07-04T11:14:14.032Z",
"dateUpdated": "2025-03-28T07:27:30.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-3892 (GCVE-0-2025-3892)
Vulnerability from cvelistv5
Published
2025-08-12 05:14
Modified
2025-08-14 03:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-250 - Execution with Unnecessary Privileges
Summary
ACAP applications can be executed with elevated privileges, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: 12.0.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3892",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-14T03:56:10.702Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"lessThan": "12.5.31",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "URCQ"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "ACAP applications can be executed with elevated privileges, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP\u0026nbsp;applications, and if an attacker convinces the victim to install a malicious ACAP application."
}
],
"value": "ACAP applications can be executed with elevated privileges, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP\u00a0applications, and if an attacker convinces the victim to install a malicious ACAP application."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-250",
"description": "CWE-250: Execution with Unnecessary Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T05:14:43.655Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/ae/19/16/cve-2025-3892pdf-en-US-492760.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2025-3892",
"datePublished": "2025-08-12T05:14:43.655Z",
"dateReserved": "2025-04-23T06:57:37.077Z",
"dateUpdated": "2025-08-14T03:56:10.702Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0359 (GCVE-0-2025-0359)
Vulnerability from cvelistv5
Published
2025-03-04 05:21
Modified
2025-03-28 07:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-863 - Incorrect Authorization
Summary
During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the ACAP Application framework that allowed applications to access restricted D-Bus methods within the framework.
Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: 11.11.0 ≤ Version: 12.0.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0359",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-04T15:18:21.373964Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T16:08:37.413Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"lessThan": "11.11.135",
"status": "affected",
"version": "11.11.0",
"versionType": "semver"
},
{
"lessThan": "12.2.52",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the ACAP Application framework that allowed applications to access restricted D-Bus methods within the framework. \nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.\n\n\n\n\n\n\u003cbr\u003e"
}
],
"value": "During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the ACAP Application framework that allowed applications to access restricted D-Bus methods within the framework. \nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T07:03:53.756Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/68/08/c5/cve-2025-0359pdf-en-US-466885.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2025-0359",
"datePublished": "2025-03-04T05:21:34.944Z",
"dateReserved": "2025-01-09T07:07:53.354Z",
"dateUpdated": "2025-03-28T07:03:53.756Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21413 (GCVE-0-2023-21413)
Vulnerability from cvelistv5
Published
2023-10-16 06:08
Modified
2025-06-16 16:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
GoSecure on behalf of Genetec Inc. has found a flaw that allows for a remote code execution during the installation of ACAP applications on the Axis device. The application handling service in AXIS OS was vulnerable to command injection allowing an attacker to run arbitrary code. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: AXIS OS 10.5 – 11.5 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:36:34.513Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.axis.com/dam/public/ad/ff/83/cve-2023-21413pdf-en-US-412755.pdf"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:axis:axis_os:*:*:*:*:-:*:*:*"
],
"defaultStatus": "unknown",
"product": "axis_os",
"vendor": "axis",
"versions": [
{
"lessThanOrEqual": "11.5",
"status": "affected",
"version": "10.5",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21413",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-16T17:05:43.917844Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-16T16:51:55.426Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "AXIS OS 10.5 \u2013 11.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "GoSecure on behalf of Genetec Inc. has found a flaw that allows for a remote code execution during the installation of ACAP applications on the Axis device. The application handling service in AXIS OS was vulnerable to command injection allowing an attacker to run arbitrary code. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.\u003cbr\u003e"
}
],
"value": "GoSecure on behalf of Genetec Inc. has found a flaw that allows for a remote code execution during the installation of ACAP applications on the Axis device. The application handling service in AXIS OS was vulnerable to command injection allowing an attacker to run arbitrary code. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T08:32:01.072Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/ad/ff/83/cve-2023-21413pdf-en-US-412755.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Remote code execution vulnerability during the installation of ACAP applications on the Axis device",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2023-21413",
"datePublished": "2023-10-16T06:08:33.349Z",
"dateReserved": "2022-11-04T18:30:01.767Z",
"dateUpdated": "2025-06-16T16:51:55.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0067 (GCVE-0-2024-0067)
Vulnerability from cvelistv5
Published
2024-09-10 04:54
Modified
2024-11-08 08:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-35 - Path Traversal
Summary
Marinus Pfund, member of the AXIS OS Bug Bounty Program,
has found the VAPIX API ledlimit.cgi was vulnerable for path traversal attacks allowing to list folder/file names on the local file system of the Axis device.
Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: 8.40 - 11.10 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0067",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T14:29:00.417539Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T18:37:01.841Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "8.40 - 11.10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Marinus Pfund, member of the AXIS OS Bug Bounty Program, \nhas found the VAPIX API \u003ci\u003eledlimit.cgi\u003c/i\u003e was vulnerable for path traversal attacks allowing to list folder/file names on the local file system of the Axis device. \nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.\n\n\u003cbr\u003e"
}
],
"value": "Marinus Pfund, member of the AXIS OS Bug Bounty Program, \nhas found the VAPIX API ledlimit.cgi was vulnerable for path traversal attacks allowing to list folder/file names on the local file system of the Axis device. \nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35: Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T08:47:17.015Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/c7/d0/91/cve-2024-0067-en-US-448994.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2024-0067",
"datePublished": "2024-09-10T04:54:45.733Z",
"dateReserved": "2023-11-22T19:14:31.261Z",
"dateUpdated": "2024-11-08T08:47:17.015Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47259 (GCVE-0-2024-47259)
Vulnerability from cvelistv5
Published
2025-03-04 05:15
Modified
2025-03-28 07:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Summary
Girishunawane, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API dynamicoverlay.cgi did not have a sufficient input validation allowing for a possible command injection leading to being able to transfer files to the Axis device with the purpose to exhaust system resources.
Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: 11.11.0 ≤ Version: 12.0.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47259",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-04T15:18:27.838430Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T16:08:56.160Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"lessThan": "11.11.126",
"status": "affected",
"version": "11.11.0",
"versionType": "semver"
},
{
"lessThan": "12.2.52",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Girishunawane, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API dynamicoverlay.cgi did not have a sufficient input validation allowing for a possible command injection leading to being able to transfer files to the Axis device with the purpose to exhaust system resources. \nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.\n\n\n\n\n\n\u003cbr\u003e"
}
],
"value": "Girishunawane, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API dynamicoverlay.cgi did not have a sufficient input validation allowing for a possible command injection leading to being able to transfer files to the Axis device with the purpose to exhaust system resources. \nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434: Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T07:15:06.622Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/13/cd/4a/cve-2024-47259pdf-en-US-466882.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2024-47259",
"datePublished": "2025-03-04T05:15:16.499Z",
"dateReserved": "2024-09-23T16:37:50.255Z",
"dateUpdated": "2025-03-28T07:15:06.622Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0358 (GCVE-0-2025-0358)
Vulnerability from cvelistv5
Published
2025-06-02 07:39
Modified
2025-06-02 12:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-269 - Improper Privilege Management
Summary
During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that allowed a privilege escalation, enabling a lower-privileged user to gain administrator privileges.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: 12.0.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0358",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-02T12:57:14.948215Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T12:59:42.360Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"lessThan": "12.4.0",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that allowed a privilege escalation, enabling a\u0026nbsp;lower-privileged user to gain administrator privileges."
}
],
"value": "During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that allowed a privilege escalation, enabling a\u00a0lower-privileged user to gain administrator privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T07:42:55.401Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/35/90/85/cve-2025-0358pdf-en-US-483809.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2025-0358",
"datePublished": "2025-06-02T07:39:50.165Z",
"dateReserved": "2025-01-09T07:07:32.611Z",
"dateUpdated": "2025-06-02T12:59:42.360Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8772 (GCVE-0-2024-8772)
Vulnerability from cvelistv5
Published
2024-11-26 07:24
Modified
2025-03-28 07:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1286 - Improper Validation of Syntactic Correctness of Input
Summary
51l3nc3, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API managedoverlayimages.cgi was vulnerable to a race condition attack allowing for an attacker to block access to the overlay configuration page in the web interface of the Axis device. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: 9.80.0 ≤ Version: 10.0.0 ≤ Version: 11.0.0 ≤ Version: 12.0.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8772",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T14:03:47.694750Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T14:09:25.289Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"lessThan": "9.80.84",
"status": "affected",
"version": "9.80.0",
"versionType": "semver"
},
{
"lessThan": "10.12.259",
"status": "affected",
"version": "10.0.0",
"versionType": "semver"
},
{
"lessThan": "11.11.118",
"status": "affected",
"version": "11.0.0",
"versionType": "semver"
},
{
"lessThan": "12.1.28",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "51l3nc3, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API \u003ci\u003emanagedoverlayimages.cgi\u003c/i\u003e was vulnerable to a race condition attack allowing for an attacker to block access to the overlay configuration page in the web interface of the Axis device. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.\n\n\u003cbr\u003e"
}
],
"value": "51l3nc3, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API managedoverlayimages.cgi was vulnerable to a race condition attack allowing for an attacker to block access to the overlay configuration page in the web interface of the Axis device. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1286",
"description": "CWE-1286: Improper Validation of Syntactic Correctness of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T07:16:28.604Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/permalink/231072/cve-2024-8772pdf-en-US_InternalID-231072.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2024-8772",
"datePublished": "2024-11-26T07:24:27.026Z",
"dateReserved": "2024-09-13T04:58:51.727Z",
"dateUpdated": "2025-03-28T07:16:28.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-30027 (GCVE-0-2025-30027)
Vulnerability from cvelistv5
Published
2025-08-12 05:18
Modified
2025-08-14 03:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1287 - Improper Validation of Specified Type of Input
Summary
An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: 12.0.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-30027",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-14T03:56:11.818Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"lessThan": "12.3.36",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "URCQ"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP\u0026nbsp;application."
}
],
"value": "An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP\u00a0application."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1287",
"description": "CWE-1287: Improper Validation of Specified Type of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T05:19:14.146Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/ab/9a/a5/cve-2025-30027pdf-en-US-492762.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2025-30027",
"datePublished": "2025-08-12T05:18:26.937Z",
"dateReserved": "2025-03-14T05:27:55.732Z",
"dateUpdated": "2025-08-14T03:56:11.818Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7784 (GCVE-0-2024-7784)
Vulnerability from cvelistv5
Published
2024-09-10 05:14
Modified
2025-03-28 07:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the protection for device tampering (commonly known as Secure Boot) in AXIS OS making it vulnerable to a sophisticated attack to bypass this protection. To Axis' knowledge, there are no known exploits of the vulnerability at this time. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Axis Communications AB | AXIS OS |
Version: 10.9.0 ≤ Version: 11.0.0 ≤ Version: 12.0.0 ≤ |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:axis:axis_os:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "axis_os",
"vendor": "axis",
"versions": [
{
"lessThan": "11.11",
"status": "affected",
"version": "10.9",
"versionType": "custom"
},
{
"lessThan": "11.11",
"status": "affected",
"version": "10.10",
"versionType": "custom"
},
{
"lessThan": "11.11",
"status": "affected",
"version": "11.8",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:axis:axis_os:11.11:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "axis_os",
"vendor": "axis",
"versions": [
{
"status": "affected",
"version": "11.11"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7784",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T18:09:41.112495Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T18:28:46.063Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"ARTPEC 8"
],
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"lessThan": "10.12.246",
"status": "affected",
"version": "10.9.0",
"versionType": "semver"
},
{
"lessThan": "11.11.80",
"status": "affected",
"version": "11.0.0",
"versionType": "semver"
},
{
"lessThan": "12.0.40",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"i.MX8 QP"
],
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"lessThan": "11.11.80",
"status": "affected",
"version": "11.11.0",
"versionType": "semver"
},
{
"lessThan": "12.0.47",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"i.MX6 SX",
"i.MX6 ULL"
],
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"lessThan": "10.12.247",
"status": "affected",
"version": "10.10.0",
"versionType": "semver"
},
{
"lessThan": "11.11.85",
"status": "affected",
"version": "11.0.0",
"versionType": "semver"
},
{
"lessThan": "12.0.47",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"i.MX8M Mini",
"i.MX8M Nano UL"
],
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"lessThan": "11.11.85",
"status": "affected",
"version": "11.8.0",
"versionType": "semver"
},
{
"lessThan": "12.0.47",
"status": "affected",
"version": "12.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the protection for device tampering (commonly known as Secure Boot) in AXIS OS making it vulnerable to a sophisticated attack to bypass this protection. To Axis\u0027 knowledge, there are no known exploits of the vulnerability at this time. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"value": "During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the protection for device tampering (commonly known as Secure Boot) in AXIS OS making it vulnerable to a sophisticated attack to bypass this protection. To Axis\u0027 knowledge, there are no known exploits of the vulnerability at this time. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T07:23:28.450Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/ba/5f/4e/cve-2024-7784-en-US-448998.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2024-7784",
"datePublished": "2024-09-10T05:14:33.855Z",
"dateReserved": "2024-08-14T07:55:10.630Z",
"dateUpdated": "2025-03-28T07:23:28.450Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}