Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
axis vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-21406
Ariel Harush and Roy Hodir from OTORIO have found a flaw in the AXIS A1001 when communicating over OSDP. A heap-based buffer overflow was found in the pacsiod process which is handling the OSDP communication allowing to write outside of the allocated buffer. By appending invalid...
Axis A1001 Firmware
NA
CVE-2023-22984
A Vulnerability exists in Axis 207W network camera. There is a reflected XSS vulnerability in the web administration portal, which allows an malicious user to execute arbitrary JavaScript via URL.
Axis 207w Firmware -
NA
CVE-2023-21414
NCC Group has found a flaw during the annual internal penetration test ordered by Axis Communications. The protection for device tampering (commonly known as Secure Boot) contains a flaw which provides an opportunity for a sophisticated attack to bypass this protection. Axis has ...
Axis Axis Os
9
CVSSv2
CVE-2015-8257
The devtools.sh script in AXIS network cameras allows remote authenticated users to execute arbitrary commands via shell metacharacters in the app parameter to (1) app_license.shtml, (2) app_license_custom.shtml, (3) app_index.shtml, or (4) app_params.shtml.
Axis Network Camera Firmware -
1 EDB exploit
10
CVSSv2
CVE-2000-0191
Axis StorPoint CD allows remote malicious users to access administrator URLs without authentication via a .. (dot dot) attack.
Axis Storpoint Cd
1 EDB exploit
5
CVSSv2
CVE-2007-2353
Apache Axis 1.0 allows remote malicious users to obtain sensitive information by requesting a non-existent WSDL file, which reveals the installation path in the resulting exception message.
Apache Axis 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2017-15885
Reflected XSS in the web administration portal on the Axis 2100 Network Camera 2.03 allows an malicious user to execute arbitrary JavaScript via the conf_Layout_OwnTitle parameter to view/view.shtml. NOTE: this might overlap CVE-2007-5214.
Axis 2100 Network Camera Firmware 2.03
4.3
CVSSv2
CVE-2017-12413
AXIS 2100 devices 2.43 have XSS via the URI, possibly related to admin/admin.shtml.
Axis 2100 Network Camera Firmware 2.43
9.3
CVSSv2
CVE-2007-4926
The AXIS 207W camera uses a base64-encoded cleartext username and password for authentication, which allows remote malicious users to obtain sensitive information by sniffing the wireless network or by leveraging unspecified other vectors.
Axis 207w Camera
6.5
CVSSv2
CVE-2020-2179
Jenkins Yaml Axis Plugin 0.2.0 and previous versions does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.
Jenkins Yaml Axis
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »