Vulnerabilities > CVE-2004-2427 - Denial-Of-Service vulnerability in 2420 Video Server

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

axis

critical

NVD

Published: 2004-12-31

Updated: 2008-09-05

Summary

Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to obtain sensitive information via direct requests to (1) admin/getparam.cgi, (2) admin/systemlog.cgi, (3) admin/serverreport.cgi, and (4) admin/paramlist.cgi, modify system information via (5) setparam.cgi and (6) factorydefault.cgi, or (7) cause a denial of service (reboot) via restart.cgi.

Vulnerable Configurations

Part	Description	Count
Hardware	Axis Axis 2100 Network Camera 2.12 Axis 2100 Network Camera 2.30 Axis 2100 Network Camera 2.31 Axis 2100 Network Camera 2.32 Axis 2100 Network Camera 2.33 Axis 2100 Network Camera 2.34 Axis 2100 Network Camera 2.40 Axis 2100 Network Camera 2.41 Axis 2110 Network Camera 2.12 Axis 2110 Network Camera 2.30 Axis 2110 Network Camera 2.31 Axis 2110 Network Camera 2.32 Axis 2110 Network Camera 2.34 Axis 2110 Network Camera 2.40 Axis 2110 Network Camera 2.41 Axis 2120 Network Camera 2.12 Axis 2120 Network Camera 2.30 Axis 2120 Network Camera 2.31 Axis 2120 Network Camera 2.32 Axis 2120 Network Camera 2.34 Axis 2120 Network Camera 2.40 Axis 2120 Network Camera 2.41 Axis 2130 PTZ Network Camera 2.30 Axis 2130 PTZ Network Camera 2.31 Axis 2130 PTZ Network Camera 2.32 Axis 2130 PTZ Network Camera 2.34 Axis 2130 PTZ Network Camera 2.40 Axis 230 Mpeg2 Video Server 3.11 Axis 2400 Video Server 1.1 Axis 2400 Video Server 1.2 Axis 2400 Video Server 1.10 Axis 2400 Video Server 1.11 Axis 2400 Video Server 1.12 Axis 2400 Video Server 1.15 Axis 2400 Video Server 2.0 Axis 2400 Video Server 2.20 Axis 2400 Video Server 2.30 Axis 2400 Video Server 2.31 Axis 2400 Video Server 2.32 Axis 2400 Video Server 2.33 Axis 2400 Video Server 2.34 Axis 2400 Video Server 3.11 Axis 2400 Video Server 3.12 Axis 2401 Video Server 1.0_1 Axis 2401 Video Server 1.15 Axis 2401 Video Server 2.20 Axis 2401 Video Server 2.30 Axis 2401 Video Server 2.31 Axis 2401 Video Server 2.32 Axis 2401 Video Server 2.33 Axis 2401 Video Server 2.34 Axis 2401 Video Server 3.12 Axis 2401 Video Server 3.13 Axis 2411 Video Server 3.12 Axis 2411 Video Server 3.13 Axis 2420 Network Camera 2.12 Axis 2420 Network Camera 2.30 Axis 2420 Network Camera 2.31 Axis 2420 Network Camera 2.32 Axis 2420 Network Camera 2.33 Axis 2420 Network Camera 2.34 Axis 2420 Network Camera 2.40 Axis 2420 Network Camera 2.41 Axis 2420 Video Server 2.32 Axis 2420 Video Server 2.34 Axis 2460 Network DVR * Axis 2460 Network DVR 3.10 Axis 2460 Network DVR 3.11 Axis 2490 Serial Server * Axis 2490 Serial Server 2.11.3 Axis 250S Video Server * Axis 250S Video Server 3.03 Axis 250S Video Server 3.10 Axis Storpoint CD *	74

Summary

Vulnerable Configurations

References