Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
axis vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2021-31989
A user with permission to log on to the machine hosting the AXIS Device Manager client could under certain conditions extract a memory dump from the built-in Windows Task Manager application. The memory dump may potentially contain credentials of connected Axis devices.
Axis Device Manager
4.4
CVSSv2
CVE-2022-23410
AXIS IP Utility prior to 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working directory which could allow for remote code execution if a compromised DLL would be pla...
Axis Ip Utility
7.6
CVSSv2
CVE-2018-9156
An issue exists on AXIS P1354 (IP camera) Firmware version 5.90.1.1 devices. The upload web page doesn't verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, which is interpreted by the Apache HTTP Server ...
Axis P1354 Firmware 5.90.1.1
NA
CVE-2023-21412
User provided input is not sanitized on the AXIS License Plate Verifier specific “search.cgi” allowing for SQL injections.
Axis License Plate Verifier
4.3
CVSSv2
CVE-2007-5214
Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the PATH_INFO to the default URI associated with a directory, as demonstra...
Axis 2100 Network Camera
NA
CVE-2023-21407
A broken access control was found allowing for privileged escalation of the operator account to gain administrator privileges.
Axis License Plate Verifier
NA
CVE-2023-21408
Due to insufficient file permissions, unprivileged users could gain access to unencrypted user credentials that are used in the integration interface towards 3rd party systems.
Axis License Plate Verifier
NA
CVE-2023-21409
Due to insufficient file permissions, unprivileged users could gain access to unencrypted administrator credentials allowing the configuration of the application.
Axis License Plate Verifier
NA
CVE-2023-21411
User provided input is not sanitized in the “Settings > Access Control” configuration interface allowing for arbitrary code execution.
Axis License Plate Verifier
4.9
CVSSv2
CVE-2007-4928
The AXIS 207W camera stores a WEP or WPA key in cleartext in the configuration file, which might allow local users to obtain sensitive information.
Axis 207w Network Camera
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »