CVE-2018-10661

Published: 26/06/2018 Updated: 03/10/2019
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

An issue exists in multiple models of Axis IP Cameras. There is a bypass of access control.

Vulnerable Product

axis a1001_firmware

axis a8004-v_firmware

axis a8105-e_firmware

axis a9161_firmware

axis a9188_firmware

axis a9188-v_firmware

axis c1004-e_firmware

axis c2005_firmware

axis c3003-e_firmware

axis c8033_firmware

axis companion_bullet_le_firmware

axis companion_c360_firmware

axis companion_cube_l_firmware

axis companion_cube_lw_firmware

axis companion_dome_v_firmware

axis companion_dome_wv_firmware

axis companion_eye_l_firmware

axis companion_eye_lve_firmware

axis companion_recorder_4ch_firmware

axis companion_recorder_8ch_firmware

axis d2050-ve_firmware

axis f34_main_unit_firmware

axis f41_main_unit_firmware

axis f44_dual_audio_input_firmware

axis f44_main_unit_firmware

axis fa54_main_unit_firmware

axis m1004-w_firmware

axis m1013_firmware

axis m1014_firmware

axis m1025_firmware

axis m1033-w_firmware

axis m1034-w_firmware

axis m1045-lw_firmware

axis m1054_firmware

axis m1065-l_firmware

axis m1065-lw_firmware

axis m1103_firmware

axis m1104_firmware

axis m1113_firmware

axis m1113-e_firmware

axis m1114_firmware

axis m1114-e_firmware

axis m1124_firmware

axis m1124-e_firmware

axis m1125_firmware

axis m1125-e_firmware

axis m1143-l_firmware

axis m1144-l_firmware

axis m1145_firmware

axis m1145-l_firmware

axis m2014-e_firmware

axis m2025-le_firmware

axis m2026-le_firmware

axis m2026-le_mk_ii_firmware

axis m3004-v_firmware

axis m3005-v_firmware

axis m3006-v_firmware

axis m3007-p_firmware

axis m3007-pv_firmware

axis m3014_firmware

axis m3015_firmware

axis m3016_firmware

axis m3024-lve_firmware

axis m3025-ve_firmware

axis m3026-ve_firmware

axis m3027-pve_firmware

axis m3037-pve_firmware

axis m3044-v_firmware

axis m3044-wv_firmware

axis m3045-v_firmware

axis m3045-wv_firmware

axis m3046-v_firmware

axis m3046-v_1.8mm_firmware

axis m3047-p_firmware

axis m3048-p_firmware

axis m3104-l_firmware

axis m3104-lve_firmware

axis m3105-l_firmware

axis m3105-lve_firmware

axis m3106-l_firmware

axis m3106-l_mk_ii_firmware

axis m3106-lve_firmware

axis m3106-lve_mk_ii_firmware

axis m3113-r_firmware

axis m3113-ve_firmware

axis m3114-r_firmware

axis m3114-ve_firmware

axis m3203_firmware

axis m3203-v_firmware

axis m3204_firmware

axis m3204-v_firmware

axis m5013_firmware

axis m5013-v_firmware

axis m5014_firmware

axis m5014-v_firmware

axis m5054_firmware

axis m5055_firmware

axis m5065_firmware

axis m5525-e_firmware

axis m7010_firmware

axis m7011_firmware

axis m7014_firmware

axis m7016_firmware

axis p1125-z_firmware

axis p1125-zl_firmware

axis p1126-z_firmware

axis p1126-zl_firmware

axis p1204_firmware

axis p1214_firmware

axis p1214-e_firmware

axis p1224-e_firmware

axis p1244_firmware

axis p1245_firmware

axis p1254_firmware

axis p1264_firmware

axis p1265_firmware

axis p1275_firmware

axis p1280_firmware

axis p1290_firmware

axis p1325-z_firmware 7.10.1.1

axis p1343_firmware

axis p1343-e_firmware

axis p1344_firmware

axis p1344-e_firmware

axis p1346_firmware

axis p1346-e_firmware

axis p1347_firmware

axis p1347-e_firmware

axis p1353_firmware

axis p1353-e_firmware

axis p1354_firmware

axis p1354-e_firmware

axis p1355_firmware

axis p1355-e_firmware

axis p1357_firmware

axis p1357-e_firmware

axis p1364_firmware

axis p1364-e_firmware

axis p1365_firmware

axis p1365_mk_ii_firmware

axis p1365-e_firmware

axis p1365-e_mk_ii_firmware

axis p1367_firmware

axis p1367-e_firmware

axis p1368-e_firmware

axis p1405-e_firmware

axis p1405-le_firmware

axis p1405-le_mk_ii_firmware

axis p1425-e_firmware

axis p1425-le_firmware

axis p1425-le_mk_ii_firmware

axis p1427-e_firmware

axis p1427-le_firmware

axis p1428-e_firmware

axis p1435-e_firmware

axis p1435-le_firmware

axis p1447-le_firmware

axis p1448-le_firmware

axis p3114-i_firmware

axis p3114-z_firmware

axis p3115-i_firmware

axis p3115-z_firmware

axis p3125-z_firmware

axis p3214-v_firmware

axis p3214-ve_firmware

axis p3215-v_firmware

axis p3215-ve_firmware

axis p3224-lv_firmware

axis p3224-lv_mk_ii_firmware

axis p3224-lve_firmware

axis p3224-lve_mk_ii_firmware

axis p3224-v_mk_ii_firmware

axis p3224-ve_mk_ii_firmware

axis p3225-lv_firmware

axis p3225-lv_mk_ii_firmware

axis p3225-lve_firmware

axis p3225-lve_mk_ii_firmware

axis p3225-v_mk_ii_firmware

axis p3225-ve_mk_ii_firmware

axis p3227-lv_firmware

axis p3227-lve_firmware

axis p3228-lv_firmware

axis p3228-lve_firmware

axis p3301_firmware

axis p3301-v_firmware

axis p3304_firmware

axis p3304-v_firmware

axis p3314-z_firmware

axis p3314-zl_firmware

axis p3315-z_firmware

axis p3315-zl_firmware

axis p3343_firmware

axis p3343-v_firmware

axis p3343-ve_firmware

axis p3344_firmware

axis p3344-v_firmware

axis p3344-ve_firmware

axis p3346_firmware

axis p3346-v_firmware

axis p3346-ve_firmware

axis p3353_firmware

axis p3354_firmware

axis p3363-v_firmware

axis p3363-ve_firmware

axis p3364-lv_firmware

axis p3364-lve_firmware

axis p3364-v_firmware

axis p3364-ve_firmware

axis p3365-v_firmware

axis p3365-ve_firmware

axis p3367-v_firmware

axis p3367-ve_firmware

axis p3374-lv_firmware

axis p3374-v_firmware

axis p3375-lv_firmware

axis p3375-lve_firmware

axis p3375-v_firmware

axis p3375-ve_firmware

axis p3384-v_firmware

axis p3384-ve_firmware

axis p3705-z_firmware

axis p3706-z_firmware

axis p3707-pe_firmware

axis p3904-r_firmware

axis p3904-r_mk_ii_firmware

axis p3905-r_firmware

axis p3905-r_mk_ii_firmware

axis p3905-re_firmware

axis p3915-r_firmware

axis p3915-r_mk_ii_firmware

axis p5414-e_firmware

axis p5415-e_firmware

axis p5512_firmware

axis p5512-e_firmware

axis p5514_firmware

axis p5514-e_firmware

axis p5515_firmware

axis p5515-e_firmware

axis p5522_firmware

axis p5522-e_firmware

axis p5532_firmware

axis p5532-e_firmware

axis p5534_firmware

axis p5534-e_firmware

axis p5544_firmware

axis p5624-e_firmware

axis p5624-e_mk_ii_firmware

axis p5635-e_firmware

axis p5635-e_mk_ii_firmware

axis p5635-ze_firmware

axis p7210_firmware

axis p7214_firmware

axis p7216_firmware

axis p7224_blade_firmware

axis p8513_firmware

axis p8514_firmware

axis p8524_firmware

axis q1602_firmware

axis q1602-e_firmware

axis q1604_firmware

axis q1604-e_firmware

axis q1605-z_firmware

axis q1614_firmware

axis q1614-e_firmware

axis q1615_firmware

axis q1615_mk_ii_firmware

axis q1615-e_firmware

axis q1615-e_mk_ii_firmware

axis q1635_firmware

axis q1635-e_firmware

axis q1635-z_firmware

axis q1645_firmware

axis q1647_firmware

axis q1659_firmware

axis q1755_firmware

axis q1755-e_firmware

axis q1765-le_firmware

axis q1765-le_pt_mount_firmware

axis q1775_firmware

axis q1775-e_firmware

axis q1910_firmware

axis q1910-e_firmware 5.51.5

axis q1921_firmware

axis q1921-e_firmware

axis q1922_firmware

axis q1922-e_firmware

axis q1931-e_firmware

axis q1931-e_pt_mount_firmware

axis q1932-e_firmware

axis q1932-e_pt_mount_firmware

axis q1941-e_firmware

axis q1941-e_pt_mount_firmware

axis q1942-e_firmware

axis q1942-e_pt_mount_firmware

axis q2901-e_firmware

axis q2901-e_pt_mount_firmware

axis q3504-v_firmware

axis q3504-ve_firmware

axis q3505-sve_mk_ii_firmware

axis q3505-v_firmware

axis q3505-v_mk_ii_firmware

axis q3505-ve_firmware

axis q3505-ve_mk_ii_firmware

axis q3515-lv_firmware

axis q3515-lve_firmware

axis q3517-lv_firmware

axis q3517-lve_firmware

axis q3615-ve_firmware

axis q3617-ve_firmware

axis q3708-pve_firmware

axis q3709-pve_firmware

axis q6000-e_firmware

axis q6000-e_mk_ii_firmware

axis q6032_firmware

axis q6032-c_firmware

axis q6032-e_firmware

axis q6034_firmware

axis q6034-c_firmware

axis q6034-e_firmware

axis q6035_firmware

axis q6035-c_firmware

axis q6035-e_firmware

axis q6042_firmware

axis q6042-c_firmware

axis q6042-e_firmware

axis q6042-s_firmware

axis q6044_firmware

axis q6044-c_firmware

axis q6044-e_firmware

axis q6044-s_firmware

axis q6045_firmware

axis q6045_mk_ii_firmware

axis q6045-c_firmware

axis q6045-c_mk_ii_firmware

axis q6045-e_firmware

axis q6045-e_mk_ii_firmware

axis q6045-s_firmware

axis q6045-s_mk_ii_firmware

axis q6052_firmware

axis q6052-e_firmware

axis q6054_firmware

axis q6054_mk_ii_firmware

axis q6054-e_firmware

axis q6054-e_mk_ii_firmware

axis q6055_firmware

axis q6055-c_firmware

axis q6055-e_firmware

axis q6055-s_firmware

axis q6114-e_firmware

axis q6115-e_firmware

axis q6124-e_firmware

axis q6125-le_firmware

axis q6128-e_firmware

axis q6155-e_firmware

axis q7401_firmware

axis q7404_firmware

axis q7406_blade_firmware

axis q7411_firmware

axis q7414_blade_firmware

axis q7424-r_firmware

axis q7424-r_mk_ii_firmware

axis q7436_blade_firmware

axis q8414-lvs_firmware

axis q8631-e_firmware

axis q8632-e_firmware

axis q8641-e_firmware

axis q8642-e_firmware

axis q8655-zle_firmware

axis q8665-e_firmware

axis q8665-le_firmware

axis q8675-ze_firmware

axis q8685-e_firmware

axis q8685-le_firmware

axis q8721-e_firmware

axis q8722-e_firmware

axis q8741-e_firmware

axis q8741-le_firmware

axis q8742-e_firmware

axis q8742-le_firmware

axis q8742-e_zoom_firmware

axis q8742-le_zoom_firmware

axis v5914_firmware

axis v5915_firmware

axis xf40-q1765_firmware

axis xf40-q2901_firmware

axis xf60-q2901_firmware

axis xp40-q1765_firmware

axis xp40-q1942_firmware

axis xp60-q1765_firmware

axis d201-s_xpt_q6055_firmware

Exploits

    ##
    # This module requires Metasploit: metasploit.com/download
    # Current source: github.com/rapid7/metasploit-framework
    ##

    class MetasploitModule < Msf::Exploit::Remote
      Rank = ExcellentRanking

      include Msf::Exploit::Remote::HttpClient
      #include Msf::Exploit::CmdStager

      def initialize(info = {})
        super(update_info(info, ...

Github Repositories

Proof of Concept for RCE and information leakage on vulnerable AXIS Network Cameras

PoC Exploit for AXIS Network Cameras

CVE-2018-10660 Shell Command Injection
CVE-2018-10661 Access Control Bypass
CVE-2018-10662 Exposed Insecure Interface

!!! FOR EDUCATIONAL PURPOSES !!!

Test device for vulnerability
Enable and modify overlay text on cam image
Arbitrary file read and output to image text overlay
Remote code execution
Optional takeover script w

Recent Articles

Not so private eye: Got an Axis network cam? You'll need to patch it, unless you like hackers
The Register • Shaun Nichols in San Francisco • 18 Jun 2018

According to magic people, VDOO people

Researchers have detailed a string of vulnerabilities that, when exploited in combination, would allow for hundreds of models of internet-linked surveillance cameras to be remotely hijacked. Security biz VDOO said today it privately alerted cam-maker Axis Communications to the seven bugs it found in its gizmos, leading to the manufacturer issuing firmware updates for roughly 400 models of connected surveillance cameras that would be vulnerable to attack. Owners of at-risk gear are urged ...