Published: 05/10/2021 Updated: 13/10/2021
CVSS v2 Base Score: 4 | Impact Score: 4.9 | Exploitability Score: 4.9
CVSS v3 Base Score: 6.8 | Impact Score: 5.2 | Exploitability Score: 1.6
Vector: AV:N/AC:H/Au:N/C:P/I:N/A:P

Vulnerability Summary

User controlled parameters related to SMTP notifications are not correctly validated. This can lead to a buffer overflow resulting in crashes and data leakage.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

axis axis os

axis axis os 2016

axis axis os 2018

axis axis os 2020

Recent Articles

Rickroll Grad Prank Exposes Exterity IPTV Bug
Threatpost • Becky Bracken • 14 Oct 2021

When Township High School District 214 in Illinois got rickrolled all at once across its six different schools just before graduation, it was more than a meticulously executed senior prank.
Cybersecurity star-in-the-making and recent high-school graduate Minh Duong found, and was able to exploit, a zero-day bug in the district’s Exterity IPTV system. The goof was received in good humor by school administrators, luckily for Minh and his cohorts, and the bug was reported to Exterity.

IP Surveillance Bugs in Axis Gear Allow RCE, Data Theft
Threatpost • Tara Seals • 05 Oct 2021

Three vulnerabilities in the IP video-surveillance systems created by Axis Communications could allow arbitrary code execution, among other attacks.
That’s according to Nozomi Networks Labs, whose researchers examined the company’s Axis Companion Recorder, a compact network video recorder (NVR) that stores IP surveillance video coming from attached cameras (it can support up to eight at one time).

They found that the three bugs (CVE-2021-31986, CVE-2021-31987, CVE-2021-319...