Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
16 vulnerabilities found for p1214-e_firmware by axis
CVE-2023-5677 (GCVE-0-2023-5677)
Vulnerability from cvelistv5 – Published: 2024-02-05 05:20 – Updated: 2025-06-17 21:29
VLAI
Summary
Brandon
Rothel from QED Secure Solutions and Sam Hanson of Dragos have found that the VAPIX API tcptest.cgi
did not have a sufficient input validation allowing for a possible remote code
execution. This flaw can only be exploited after authenticating with an
operator- or administrator-privileged service account. The impact of exploiting
this vulnerability is lower with operator-privileges compared to
administrator-privileges service accounts. Please refer to the Axis security advisory
for more information and solution.
Severity
6.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Axis Communications AB | AXIS OS |
Affected:
AXIS OS 5.51
Affected: AXIS OS 6.50 |
Date Public
2024-02-05 05:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:07:32.550Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.axis.com/dam/public/a9/dd/f1/cve-2023-5677-en-US-424335.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5677",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-05T15:05:44.458179Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T21:29:24.839Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "AXIS OS 5.51"
},
{
"status": "affected",
"version": "AXIS OS 6.50"
}
]
}
],
"datePublic": "2024-02-05T05:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eBrandon\nRothel from QED Secure Solutions and Sam Hanson of Dragos have found that the VAPIX API \u003ci\u003etcptest.cgi\u003c/i\u003e\ndid not have a sufficient input validation allowing for a possible remote code\nexecution. This flaw can only be exploited after authenticating with an\noperator- or administrator-privileged service account. The impact of exploiting\nthis vulnerability is lower with operator-privileges compared to\nadministrator-privileges service accounts. Please refer to the Axis security advisory\nfor more information and solution. \u003c/p\u003e"
}
],
"value": "Brandon\nRothel from QED Secure Solutions and Sam Hanson of Dragos have found that the VAPIX API tcptest.cgi\ndid not have a sufficient input validation allowing for a possible remote code\nexecution. This flaw can only be exploited after authenticating with an\noperator- or administrator-privileged service account. The impact of exploiting\nthis vulnerability is lower with operator-privileges compared to\nadministrator-privileges service accounts. Please refer to the Axis security advisory\nfor more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-15T11:01:31.331Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/0a/47/d1/cve-2023-5677-en-US-483444.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2023-5677",
"datePublished": "2024-02-05T05:20:24.483Z",
"dateReserved": "2023-10-20T07:48:06.861Z",
"dateUpdated": "2025-06-17T21:29:24.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10663 (GCVE-0-2018-10663)
Vulnerability from cvelistv5 – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
An issue was discovered in multiple models of Axis IP Cameras. There is an Incorrect Size Calculation.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:47.420Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is an Incorrect Size Calculation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-26T17:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10663",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is an Incorrect Size Calculation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10663",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:47.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10658 (GCVE-0-2018-10658)
Vulnerability from cvelistv5 – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-26T17:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10658",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10664 (GCVE-0-2018-10664)
Vulnerability from cvelistv5 – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.161Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-26T17:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10664",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10664",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10661 (GCVE-0-2018-10661)
Vulnerability from cvelistv5 – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.exploit-db.com/exploits/45100/ | exploitx_refsource_EXPLOIT-DB |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.231Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-02T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10661",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10661",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.231Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10659 (GCVE-0-2018-10659)
Vulnerability from cvelistv5 – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-26T17:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10659",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10659",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10662 (GCVE-0-2018-10662)
Vulnerability from cvelistv5 – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.exploit-db.com/exploits/45100/ | exploitx_refsource_EXPLOIT-DB |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-02T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10662",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10660 (GCVE-0-2018-10660)
Vulnerability from cvelistv5 – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.exploit-db.com/exploits/45100/ | exploitx_refsource_EXPLOIT-DB |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.826Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-02T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10660",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10660",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5677 (GCVE-0-2023-5677)
Vulnerability from nvd – Published: 2024-02-05 05:20 – Updated: 2025-06-17 21:29
VLAI
Summary
Brandon
Rothel from QED Secure Solutions and Sam Hanson of Dragos have found that the VAPIX API tcptest.cgi
did not have a sufficient input validation allowing for a possible remote code
execution. This flaw can only be exploited after authenticating with an
operator- or administrator-privileged service account. The impact of exploiting
this vulnerability is lower with operator-privileges compared to
administrator-privileges service accounts. Please refer to the Axis security advisory
for more information and solution.
Severity
6.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Axis Communications AB | AXIS OS |
Affected:
AXIS OS 5.51
Affected: AXIS OS 6.50 |
Date Public
2024-02-05 05:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:07:32.550Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.axis.com/dam/public/a9/dd/f1/cve-2023-5677-en-US-424335.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5677",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-05T15:05:44.458179Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T21:29:24.839Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "AXIS OS 5.51"
},
{
"status": "affected",
"version": "AXIS OS 6.50"
}
]
}
],
"datePublic": "2024-02-05T05:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eBrandon\nRothel from QED Secure Solutions and Sam Hanson of Dragos have found that the VAPIX API \u003ci\u003etcptest.cgi\u003c/i\u003e\ndid not have a sufficient input validation allowing for a possible remote code\nexecution. This flaw can only be exploited after authenticating with an\noperator- or administrator-privileged service account. The impact of exploiting\nthis vulnerability is lower with operator-privileges compared to\nadministrator-privileges service accounts. Please refer to the Axis security advisory\nfor more information and solution. \u003c/p\u003e"
}
],
"value": "Brandon\nRothel from QED Secure Solutions and Sam Hanson of Dragos have found that the VAPIX API tcptest.cgi\ndid not have a sufficient input validation allowing for a possible remote code\nexecution. This flaw can only be exploited after authenticating with an\noperator- or administrator-privileged service account. The impact of exploiting\nthis vulnerability is lower with operator-privileges compared to\nadministrator-privileges service accounts. Please refer to the Axis security advisory\nfor more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-15T11:01:31.331Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/0a/47/d1/cve-2023-5677-en-US-483444.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2023-5677",
"datePublished": "2024-02-05T05:20:24.483Z",
"dateReserved": "2023-10-20T07:48:06.861Z",
"dateUpdated": "2025-06-17T21:29:24.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10663 (GCVE-0-2018-10663)
Vulnerability from nvd – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
An issue was discovered in multiple models of Axis IP Cameras. There is an Incorrect Size Calculation.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:47.420Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is an Incorrect Size Calculation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-26T17:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10663",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is an Incorrect Size Calculation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10663",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:47.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10658 (GCVE-0-2018-10658)
Vulnerability from nvd – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-26T17:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10658",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10664 (GCVE-0-2018-10664)
Vulnerability from nvd – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.161Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-26T17:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10664",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10664",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10661 (GCVE-0-2018-10661)
Vulnerability from nvd – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.exploit-db.com/exploits/45100/ | exploitx_refsource_EXPLOIT-DB |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.231Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-02T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10661",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10661",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.231Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10659 (GCVE-0-2018-10659)
Vulnerability from nvd – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-26T17:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10659",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10659",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10662 (GCVE-0-2018-10662)
Vulnerability from nvd – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.exploit-db.com/exploits/45100/ | exploitx_refsource_EXPLOIT-DB |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-02T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10662",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10660 (GCVE-0-2018-10660)
Vulnerability from nvd – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.exploit-db.com/exploits/45100/ | exploitx_refsource_EXPLOIT-DB |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.826Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-02T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10660",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10660",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}