Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Axis Subscribe
Total 41 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-31988 1 Axis 4 Axis Os, Axis Os 2016, Axis Os 2018 and 1 more 2021-10-14 6.8 MEDIUM 8.8 HIGH
A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary SMTP headers in the generated test email.
CVE-2021-31987 1 Axis 4 Axis Os, Axis Os 2016, Axis Os 2018 and 1 more 2021-10-14 5.1 MEDIUM 7.5 HIGH
A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients.
CVE-2021-31986 1 Axis 4 Axis Os, Axis Os 2016, Axis Os 2018 and 1 more 2021-10-13 4.0 MEDIUM 6.8 MEDIUM
User controlled parameters related to SMTP notifications are not correctly validated. This can lead to a buffer overflow resulting in crashes and data leakage.
CVE-2021-31989 1 Axis 1 Device Manager 2021-09-01 3.5 LOW 5.3 MEDIUM
A user with permission to log on to the machine hosting the AXIS Device Manager client could under certain conditions extract a memory dump from the built-in Windows Task Manager application. The memory dump may potentially contain credentials of connected Axis devices.
CVE-2018-10660 1 Axis 780 A1001, A1001 Firmware, A8004-v and 777 more 2019-10-02 10.0 HIGH 9.8 CRITICAL
An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection.
CVE-2018-10662 1 Axis 780 A1001, A1001 Firmware, A8004-v and 777 more 2019-10-02 10.0 HIGH 9.8 CRITICAL
An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface.
CVE-2018-10661 1 Axis 780 A1001, A1001 Firmware, A8004-v and 777 more 2019-10-02 10.0 HIGH 9.8 CRITICAL
An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control.
CVE-2007-5214 1 Axis 1 2100 Network Camera 2018-10-15 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to the default URI associated with a directory, as demonstrated by (a) the root directory and (b) the view/ directory; (2) parameters associated with saved settings, as demonstrated by (c) the conf_Network_HostName parameter on the Network page and (d) the conf_Layout_OwnTitle parameter to ServerManager.srv; and (3) the query string to ServerManager.srv, which is displayed on the logs page. NOTE: an attacker can leverage a CSRF vulnerability to modify saved settings.
CVE-2007-5213 1 Axis 2 2100 Network Camera, 2100 Network Camera Firmware 2018-10-15 9.3 HIGH N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to perform actions as administrators, as demonstrated by (1) an SMTP server change through the conf_SMTP_MailServer1 parameter to ServerManager.srv and (2) a hostname change through the conf_Network_HostName parameter on the Network page.
CVE-2007-5212 1 Axis 2 2100 Network Camera, 2100 Network Camera Firmware 2018-10-15 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware before 2.43 allow remote attackers to inject arbitrary web script or HTML via (1) parameters associated with saved settings, as demonstrated by the conf_SMTP_MailServer1 parameter to ServerManager.srv; or (2) the subpage parameter to wizard/first/wizard_main_first.shtml. NOTE: an attacker can leverage a CSRF vulnerability to modify saved settings.
CVE-2007-4929 1 Axis 1 207w Network Camera 2018-10-15 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 207W camera allow remote attackers to inject arbitrary web script or HTML via the camNo parameter to incl/image_incl.shtml, and other unspecified vectors.
CVE-2007-4928 1 Axis 1 207w Network Camera 2018-10-15 4.9 MEDIUM N/A
The AXIS 207W camera stores a WEP or WPA key in cleartext in the configuration file, which might allow local users to obtain sensitive information.
CVE-2007-4927 1 Axis 1 207w Network Camera 2018-10-15 3.5 LOW N/A
axis-cgi/buffer/command.cgi on the AXIS 207W camera allows remote authenticated users to cause a denial of service (reboot) via many requests with unique buffer names in the buffername parameter in a start action.
CVE-2007-4930 1 Axis 1 207w Network Camera 2018-10-15 4.3 MEDIUM N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in the AXIS 207W camera allow remote attackers to perform certain actions as administrators via (1) axis-cgi/admin/restart.cgi, (2) the user and sgrp parameters to axis-cgi/admin/pwdgrp.cgi in an add action, or (3) the server parameter to admin/restartMessage.shtml.
CVE-2007-4926 1 Axis 1 207w Camera 2018-10-15 9.3 HIGH N/A
The AXIS 207W camera uses a base64-encoded cleartext username and password for authentication, which allows remote attackers to obtain sensitive information by sniffing the wireless network or by leveraging unspecified other vectors.
CVE-2008-5260 1 Axis 1 Axis Camera Control 2018-10-11 9.3 HIGH N/A
Heap-based buffer overflow in the CamImage.CamImage.1 ActiveX control in AxisCamControl.ocx in AXIS Camera Control 2.40.0.0 allows remote attackers to execute arbitrary code via a long image_pan_tilt property value.
CVE-2018-10658 1 Axis 780 A1001, A1001 Firmware, A8004-v and 777 more 2018-08-20 5.0 MEDIUM 7.5 HIGH
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar.
CVE-2018-10663 1 Axis 780 A1001, A1001 Firmware, A8004-v and 777 more 2018-08-20 5.0 MEDIUM 7.5 HIGH
An issue was discovered in multiple models of Axis IP Cameras. There is an Incorrect Size Calculation.
CVE-2018-10664 1 Axis 780 A1001, A1001 Firmware, A8004-v and 777 more 2018-08-20 5.0 MEDIUM 7.5 HIGH
An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption.
CVE-2018-10659 1 Axis 780 A1001, A1001 Firmware, A8004-v and 777 more 2018-08-20 5.0 MEDIUM 7.5 HIGH
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction.