Vulnerabilities > CVE-2018-10659 - Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Axis products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

axis

CWE-119

nessus

NVD

Published: 2018-06-26

Updated: 2018-08-20

Summary

There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction.

Vulnerable Configurations

Part	Description	Count
OS	Axis Axis A1001 Firmware * Axis A8004 V Firmware * Axis A8105 E Firmware * Axis A9161 Firmware * Axis A9188 Firmware * Axis A9188 V Firmware * Axis C1004 E Firmware * Axis C2005 Firmware * Axis C3003 E Firmware * Axis C8033 Firmware * Axis Companion Bullet LE Firmware * Axis Companion C360 Firmware * Axis Companion Cube L Firmware * Axis Companion Cube LW Firmware * Axis Companion Dome V Firmware * Axis Companion Dome WV Firmware * Axis Companion EYE L Firmware * Axis Companion EYE LVE Firmware * Axis Companion Recorder 4CH Firmware * Axis Companion Recorder 8CH Firmware * Axis D2050 VE Firmware * Axis F34 Main Unit Firmware * Axis F41 Main Unit Firmware * Axis F44 Dual Audio Input Firmware * Axis F44 Main Unit Firmware * Axis Fa54 Main Unit Firmware * Axis M1004 W Firmware * Axis M1013 Firmware * Axis M1014 Firmware * Axis M1025 Firmware * Axis M1033 W Firmware 5.40.5.1 Axis M1034 W Firmware * Axis M1045 LW Firmware * Axis M1054 Firmware * Axis M1065 L Firmware * Axis M1065 LW Firmware * Axis M1103 Firmware * Axis M1104 Firmware * Axis M1113 Firmware * Axis M1113 E Firmware * Axis M1114 Firmware * Axis M1114 E Firmware * Axis M1124 Firmware * Axis M1124 E Firmware * Axis M1125 Firmware * Axis M1125 E Firmware * Axis M1143 L Firmware * Axis M1144 L Firmware * Axis M1145 Firmware * Axis M1145 L Firmware * Axis M2014 E Firmware * Axis M2025 LE Firmware * Axis M2026 LE Firmware * Axis M2026 LE MK II Firmware * Axis M3004 V Firmware * Axis M3005 V Firmware * Axis M3006 V Firmware * Axis M3007 P Firmware * Axis M3007 PV Firmware * Axis M3014 Firmware * Axis M3015 Firmware * Axis M3016 Firmware * Axis M3024 LVE Firmware * Axis M3025 VE Firmware * Axis M3026 VE Firmware * Axis M3027 PVE Firmware * Axis M3037 PVE Firmware * Axis M3044 V Firmware * Axis M3044 WV Firmware * Axis M3045 V Firmware * Axis M3045 WV Firmware * Axis M3046 V Firmware * Axis M3046 V 1.8Mm Firmware * Axis M3047 P Firmware * Axis M3048 P Firmware * Axis M3104 L Firmware * Axis M3104 LVE Firmware * Axis M3105 L Firmware * Axis M3105 LVE Firmware * Axis M3106 L Firmware * Axis M3106 L MK II Firmware * Axis M3106 LVE Firmware * Axis M3106 LVE MK II Firmware * Axis M3113 R Firmware * Axis M3113 VE Firmware * Axis M3114 R Firmware * Axis M3114 VE Firmware * Axis M3203 Firmware * Axis M3203 V Firmware * Axis M3204 Firmware * Axis M3204 V Firmware * Axis M5013 Firmware * Axis M5013 V Firmware * Axis M5014 Firmware * Axis M5014 V Firmware * Axis M5054 Firmware * Axis M5055 Firmware * Axis M5065 Firmware * Axis M5525 E Firmware * Axis M7010 Firmware * Axis M7011 Firmware * Axis M7014 Firmware * Axis M7016 Firmware * Axis P1125 Z Firmware * Axis P1125 ZL Firmware * Axis P1126 Z Firmware * Axis P1126 ZL Firmware * Axis P1204 Firmware - Axis P1204 Firmware 5.50.4 Axis P1214 Firmware * Axis P1214 E Firmware * Axis P1224 E Firmware * Axis P1244 Firmware * Axis P1245 Firmware * Axis P1254 Firmware * Axis P1264 Firmware * Axis P1265 Firmware * Axis P1275 Firmware * Axis P1280 Firmware * Axis P1290 Firmware * Axis P1325 Z Firmware 7.10.1.1 Axis P1343 Firmware * Axis P1343 E Firmware * Axis P1344 Firmware * Axis P1344 E Firmware * Axis P1346 Firmware * Axis P1346 E Firmware * Axis P1347 Firmware * Axis P1347 E Firmware * Axis P1353 Firmware * Axis P1353 E Firmware * Axis P1354 Firmware 5.90.1.1 Axis P1354 E Firmware * Axis P1355 Firmware * Axis P1355 E Firmware * Axis P1357 Firmware * Axis P1357 E Firmware * Axis P1364 Firmware * Axis P1364 E Firmware * Axis P1365 Firmware * Axis P1365 MK II Firmware * Axis P1365 E Firmware * Axis P1365 E MK II Firmware * Axis P1367 Firmware * Axis P1367 E Firmware * Axis P1368 E Firmware * Axis P1405 E Firmware * Axis P1405 LE Firmware * Axis P1405 LE MK II Firmware * Axis P1425 E Firmware * Axis P1425 LE Firmware * Axis P1425 LE MK II Firmware * Axis P1427 E Firmware * Axis P1427 LE Firmware * Axis P1428 E Firmware * Axis P1435 E Firmware * Axis P1435 LE Firmware * Axis P1447 LE Firmware * Axis P1448 LE Firmware * Axis P3114 I Firmware * Axis P3114 Z Firmware * Axis P3115 I Firmware * Axis P3115 Z Firmware * Axis P3125 Z Firmware * Axis P3214 V Firmware * Axis P3214 VE Firmware * Axis P3215 V Firmware * Axis P3215 VE Firmware * Axis P3224 LV Firmware * Axis P3224 LV MK II Firmware * Axis P3224 LVE Firmware * Axis P3224 LVE MK II Firmware * Axis P3224 V MK II Firmware * Axis P3224 VE MK II Firmware * Axis P3225 LV Firmware * Axis P3225 LV MK II Firmware * Axis P3225 LVE Firmware * Axis P3225 LVE MK II Firmware * Axis P3225 V MK II Firmware * Axis P3225 VE MK II Firmware * Axis P3227 LV Firmware * Axis P3227 LVE Firmware * Axis P3228 LV Firmware * Axis P3228 LVE Firmware * Axis P3301 Firmware * Axis P3301 V Firmware * Axis P3304 Firmware * Axis P3304 V Firmware * Axis P3314 Z Firmware * Axis P3314 ZL Firmware * Axis P3315 Z Firmware * Axis P3315 ZL Firmware * Axis P3343 Firmware * Axis P3343 V Firmware * Axis P3343 VE Firmware * Axis P3344 Firmware * Axis P3344 V Firmware * Axis P3344 VE Firmware * Axis P3346 Firmware * Axis P3346 V Firmware * Axis P3346 VE Firmware * Axis P3353 Firmware * Axis P3354 Firmware * Axis P3363 V Firmware * Axis P3363 VE Firmware * Axis P3364 LV Firmware * Axis P3364 LVE Firmware * Axis P3364 V Firmware * Axis P3364 VE Firmware * Axis P3365 V Firmware * Axis P3365 VE Firmware * Axis P3367 V Firmware * Axis P3367 VE Firmware * Axis P3374 LV Firmware * Axis P3374 V Firmware * Axis P3375 LV Firmware * Axis P3375 LVE Firmware * Axis P3375 V Firmware * Axis P3375 VE Firmware * Axis P3384 V Firmware * Axis P3384 VE Firmware * Axis P3705 Z Firmware * Axis P3706 Z Firmware * Axis P3707 PE Firmware * Axis P3904 R Firmware * Axis P3904 R MK II Firmware * Axis P3905 R Firmware * Axis P3905 R MK II Firmware * Axis P3905 RE Firmware * Axis P3915 R Firmware * Axis P3915 R MK II Firmware * Axis P5414 E Firmware * Axis P5415 E Firmware * Axis P5512 Firmware * Axis P5512 E Firmware * Axis P5514 Firmware * Axis P5514 E Firmware * Axis P5515 Firmware * Axis P5515 E Firmware * Axis P5522 Firmware * Axis P5522 E Firmware * Axis P5532 Firmware * Axis P5532 E Firmware * Axis P5534 Firmware * Axis P5534 E Firmware * Axis P5544 Firmware * Axis P5624 E Firmware * Axis P5624 E MK II Firmware * Axis P5635 E Firmware * Axis P5635 E MK II Firmware * Axis P5635 ZE Firmware * Axis P7210 Firmware * Axis P7214 Firmware * Axis P7216 Firmware * Axis P7224 Blade Firmware * Axis P8513 Firmware * Axis P8514 Firmware * Axis P8524 Firmware * Axis Q1602 Firmware * Axis Q1602 E Firmware * Axis Q1604 Firmware * Axis Q1604 E Firmware * Axis Q1605 Z Firmware * Axis Q1614 Firmware * Axis Q1614 E Firmware * Axis Q1615 Firmware * Axis Q1615 MK II Firmware * Axis Q1615 E Firmware * Axis Q1615 E MK II Firmware * Axis Q1635 Firmware * Axis Q1635 E Firmware * Axis Q1635 Z Firmware * Axis Q1645 Firmware * Axis Q1647 Firmware * Axis Q1659 Firmware * Axis Q1755 Firmware * Axis Q1755 E Firmware * Axis Q1765 LE Firmware * Axis Q1765 LE PT Mount Firmware * Axis Q1775 Firmware * Axis Q1775 E Firmware * Axis Q1910 Firmware * Axis Q1910 E Firmware 5.51.5 Axis Q1921 Firmware * Axis Q1921 E Firmware * Axis Q1922 Firmware * Axis Q1922 E Firmware * Axis Q1931 E Firmware * Axis Q1931 E PT Mount Firmware * Axis Q1932 E Firmware * Axis Q1932 E PT Mount Firmware * Axis Q1941 E Firmware * Axis Q1941 E PT Mount Firmware * Axis Q1942 E Firmware * Axis Q1942 E PT Mount Firmware * Axis Q2901 E Firmware * Axis Q2901 E PT Mount Firmware * Axis Q3504 V Firmware * Axis Q3504 VE Firmware * Axis Q3505 SVE MK II Firmware * Axis Q3505 V Firmware * Axis Q3505 V MK II Firmware * Axis Q3505 VE Firmware * Axis Q3505 VE MK II Firmware * Axis Q3515 LV Firmware * Axis Q3515 LVE Firmware * Axis Q3517 LV Firmware * Axis Q3517 LVE Firmware * Axis Q3615 VE Firmware * Axis Q3617 VE Firmware * Axis Q3708 PVE Firmware * Axis Q3709 PVE Firmware * Axis Q6000 E Firmware * Axis Q6000 E MK II Firmware * Axis Q6032 Firmware * Axis Q6032 C Firmware * Axis Q6032 E Firmware * Axis Q6034 Firmware * Axis Q6034 C Firmware * Axis Q6034 E Firmware * Axis Q6035 Firmware * Axis Q6035 C Firmware * Axis Q6035 E Firmware * Axis Q6042 Firmware * Axis Q6042 C Firmware * Axis Q6042 E Firmware * Axis Q6042 S Firmware * Axis Q6044 Firmware * Axis Q6044 C Firmware * Axis Q6044 E Firmware * Axis Q6044 S Firmware * Axis Q6045 Firmware * Axis Q6045 MK II Firmware * Axis Q6045 C Firmware * Axis Q6045 C MK II Firmware * Axis Q6045 E Firmware * Axis Q6045 E MK II Firmware * Axis Q6045 S Firmware * Axis Q6045 S MK II Firmware * Axis Q6052 Firmware * Axis Q6052 E Firmware * Axis Q6054 Firmware * Axis Q6054 MK II Firmware * Axis Q6054 E Firmware * Axis Q6054 E MK II Firmware * Axis Q6055 Firmware * Axis Q6055 C Firmware * Axis Q6055 E Firmware * Axis Q6055 S Firmware * Axis Q6114 E Firmware * Axis Q6115 E Firmware * Axis Q6124 E Firmware * Axis Q6125 LE Firmware * Axis Q6128 E Firmware * Axis Q6155 E Firmware * Axis Q7401 Firmware * Axis Q7404 Firmware * Axis Q7406 Blade Firmware * Axis Q7411 Firmware * Axis Q7414 Blade Firmware * Axis Q7424 R Firmware * Axis Q7424 R MK II Firmware * Axis Q7436 Blade Firmware * Axis Q8414 LVS Firmware * Axis Q8631 E Firmware * Axis Q8632 E Firmware * Axis Q8641 E Firmware * Axis Q8642 E Firmware * Axis Q8655 ZLE Firmware * Axis Q8665 E Firmware * Axis Q8665 LE Firmware * Axis Q8675 ZE Firmware * Axis Q8685 E Firmware * Axis Q8685 LE Firmware * Axis Q8721 E Firmware * Axis Q8722 E Firmware * Axis Q8741 E Firmware * Axis Q8741 LE Firmware * Axis Q8742 E Firmware * Axis Q8742 LE Firmware * Axis Q8742 E Zoom Firmware * Axis Q8742 LE Zoom Firmware * Axis V5914 Firmware * Axis V5915 Firmware * Axis Xf40 Q1765 Firmware * Axis Xf40 Q2901 Firmware * Axis Xf60 Q2901 Firmware * Axis Xp40 Q1765 Firmware * Axis Xp40 Q1942 Firmware * Axis Xp60 Q1765 Firmware * Axis D201 S XPT Q6055 Firmware *	391
Hardware	Axis Axis A1001 - Axis A8004 V - Axis A8105 E - Axis A9161 - Axis A9188 - Axis A9188 V - Axis C1004 E - Axis C2005 - Axis C3003 E - Axis C8033 - Axis Companion Bullet LE - Axis Companion C360 - Axis Companion Cube L - Axis Companion Cube LW - Axis Companion Dome V - Axis Companion Dome WV - Axis Companion EYE L - Axis Companion EYE LVE - Axis Companion Recorder 4CH - Axis Companion Recorder 8CH - Axis D2050 VE - Axis F34 Main Unit - Axis F41 Main Unit - Axis F44 Dual Audio Input - Axis F44 Main Unit - Axis Fa54 Main Unit - Axis M1004 W - Axis M1013 - Axis M1014 - Axis M1025 - Axis M1033 W - Axis M1034 W - Axis M1045 LW - Axis M1054 - Axis M1065 L - Axis M1065 LW - Axis M1103 - Axis M1104 - Axis M1113 - Axis M1113 E - Axis M1114 - Axis M1114 E - Axis M1124 - Axis M1124 E - Axis M1125 - Axis M1125 E - Axis M1143 L - Axis M1144 L - Axis M1145 - Axis M1145 L - Axis M2014 E - Axis M2025 LE - Axis M2026 LE - Axis M2026 LE MK II - Axis M3004 V - Axis M3005 V - Axis M3006 V - Axis M3007 P - Axis M3007 PV - Axis M3014 - Axis M3015 - Axis M3016 - Axis M3024 LVE - Axis M3025 VE - Axis M3026 VE - Axis M3027 PVE - Axis M3037 PVE - Axis M3044 V - Axis M3044 WV - Axis M3045 V - Axis M3045 WV - Axis M3046 V - Axis M3046 V 1.8Mm - Axis M3047 P - Axis M3048 P - Axis M3104 L - Axis M3104 LVE - Axis M3105 L - Axis M3105 LVE - Axis M3106 L - Axis M3106 L MK II - Axis M3106 LVE - Axis M3106 LVE MK II - Axis M3113 R - Axis M3113 VE - Axis M3114 R - Axis M3114 VE - Axis M3203 - Axis M3203 V - Axis M3204 - Axis M3204 V - Axis M5013 - Axis M5013 V - Axis M5014 - Axis M5014 V - Axis M5054 - Axis M5055 - Axis M5065 - Axis M5525 E - Axis M7010 - Axis M7011 - Axis M7014 - Axis M7016 - Axis P1125 Z - Axis P1125 ZL - Axis P1126 Z - Axis P1126 ZL - Axis P1204 - Axis P1214 - Axis P1214 E - Axis P1224 E - Axis P1244 - Axis P1245 - Axis P1254 - Axis P1264 - Axis P1265 - Axis P1275 - Axis P1280 - Axis P1290 - Axis P1325 Z - Axis P1343 - Axis P1343 E - Axis P1344 - Axis P1344 E - Axis P1346 - Axis P1346 E - Axis P1347 - Axis P1347 E - Axis P1353 - Axis P1353 E - Axis P1354 - Axis P1354 E - Axis P1355 - Axis P1355 E - Axis P1357 - Axis P1357 E - Axis P1364 - Axis P1364 E - Axis P1365 - Axis P1365 MK II - Axis P1365 E - Axis P1365 E MK II - Axis P1367 - Axis P1367 E - Axis P1368 E - Axis P1405 E - Axis P1405 LE - Axis P1405 LE MK II - Axis P1425 E - Axis P1425 LE - Axis P1425 LE MK II - Axis P1427 E - Axis P1427 LE - Axis P1428 E - Axis P1435 E - Axis P1435 LE - Axis P1447 LE - Axis P1448 LE - Axis P3114 I - Axis P3114 Z - Axis P3115 I - Axis P3115 Z - Axis P3125 Z - Axis P3214 V - Axis P3214 VE - Axis P3215 V - Axis P3215 VE - Axis P3224 LV - Axis P3224 LV MK II - Axis P3224 LVE - Axis P3224 LVE MK II - Axis P3224 V MK II - Axis P3224 VE MK II - Axis P3225 LV - Axis P3225 LV MK II - Axis P3225 LVE - Axis P3225 LVE MK II - Axis P3225 V MK II - Axis P3225 VE MK II - Axis P3227 LV - Axis P3227 LVE - Axis P3228 LV - Axis P3228 LVE - Axis P3301 - Axis P3301 V - Axis P3304 - Axis P3304 V - Axis P3314 Z - Axis P3314 ZL - Axis P3315 Z - Axis P3315 ZL - Axis P3343 - Axis P3343 V - Axis P3343 VE - Axis P3344 - Axis P3344 V - Axis P3344 VE - Axis P3346 - Axis P3346 V - Axis P3346 VE - Axis P3353 - Axis P3354 - Axis P3363 V - Axis P3363 VE - Axis P3364 LV - Axis P3364 LVE - Axis P3364 V - Axis P3364 VE - Axis P3365 V - Axis P3365 VE - Axis P3367 V - Axis P3367 VE - Axis P3374 LV - Axis P3374 V - Axis P3375 LV - Axis P3375 LVE - Axis P3375 V - Axis P3375 VE - Axis P3384 V - Axis P3384 VE - Axis P3705 Z - Axis P3706 Z - Axis P3707 PE - Axis P3904 R - Axis P3904 R MK II - Axis P3905 R - Axis P3905 R MK II - Axis P3905 RE - Axis P3915 R - Axis P3915 R MK II - Axis P5414 E - Axis P5415 E - Axis P5512 - Axis P5512 E - Axis P5514 - Axis P5514 E - Axis P5515 - Axis P5515 E - Axis P5522 - Axis P5522 E - Axis P5532 - Axis P5532 E - Axis P5534 - Axis P5534 E - Axis P5544 - Axis P5624 E - Axis P5624 E MK II - Axis P5635 E - Axis P5635 E MK II - Axis P5635 ZE - Axis P7210 - Axis P7214 - Axis P7216 - Axis P7224 Blade - Axis P8513 - Axis P8514 - Axis P8524 - Axis Q1602 - Axis Q1602 E - Axis Q1604 - Axis Q1604 E - Axis Q1605 Z - Axis Q1614 - Axis Q1614 E - Axis Q1615 - Axis Q1615 MK II - Axis Q1615 E - Axis Q1615 E MK II - Axis Q1635 - Axis Q1635 E - Axis Q1635 Z - Axis Q1645 - Axis Q1647 - Axis Q1659 - Axis Q1755 - Axis Q1755 E - Axis Q1765 LE - Axis Q1765 LE PT Mount - Axis Q1775 - Axis Q1775 E - Axis Q1910 - Axis Q1910 E - Axis Q1921 - Axis Q1921 E - Axis Q1922 - Axis Q1922 E - Axis Q1931 E - Axis Q1931 E PT Mount - Axis Q1932 E - Axis Q1932 E PT Mount - Axis Q1941 E - Axis Q1941 E PT Mount - Axis Q1942 E - Axis Q1942 E PT Mount - Axis Q2901 E - Axis Q2901 E PT Mount - Axis Q3504 V - Axis Q3504 VE - Axis Q3505 SVE MK II - Axis Q3505 V - Axis Q3505 V MK II - Axis Q3505 VE - Axis Q3505 VE MK II - Axis Q3515 LV - Axis Q3515 LVE - Axis Q3517 LV - Axis Q3517 LVE - Axis Q3615 VE - Axis Q3617 VE - Axis Q3708 PVE - Axis Q3709 PVE - Axis Q6000 E - Axis Q6000 E MK II - Axis Q6032 - Axis Q6032 C - Axis Q6032 E - Axis Q6034 - Axis Q6034 C - Axis Q6034 E - Axis Q6035 - Axis Q6035 C - Axis Q6035 E - Axis Q6042 - Axis Q6042 C - Axis Q6042 E - Axis Q6042 S - Axis Q6044 - Axis Q6044 C - Axis Q6044 E - Axis Q6044 S - Axis Q6045 - Axis Q6045 MK II - Axis Q6045 C - Axis Q6045 C MK II - Axis Q6045 E - Axis Q6045 E MK II - Axis Q6045 S - Axis Q6045 S MK II - Axis Q6052 - Axis Q6052 E - Axis Q6054 - Axis Q6054 MK II - Axis Q6054 E - Axis Q6054 E MK II - Axis Q6055 - Axis Q6055 C - Axis Q6055 E - Axis Q6055 S - Axis Q6114 E - Axis Q6115 E - Axis Q6124 E - Axis Q6125 LE - Axis Q6128 E - Axis Q6155 E - Axis Q7401 - Axis Q7404 - Axis Q7406 Blade - Axis Q7411 - Axis Q7414 Blade - Axis Q7424 R - Axis Q7424 R MK II - Axis Q7436 Blade - Axis Q8414 LVS - Axis Q8631 E - Axis Q8632 E - Axis Q8641 E - Axis Q8642 E - Axis Q8655 ZLE - Axis Q8665 E - Axis Q8665 LE - Axis Q8675 ZE - Axis Q8685 E - Axis Q8685 LE - Axis Q8721 E - Axis Q8722 E - Axis Q8741 E - Axis Q8741 LE - Axis Q8742 E - Axis Q8742 LE - Axis Q8742 E Zoom - Axis Q8742 LE Zoom - Axis V5914 - Axis V5915 - Axis Xf40 Q1765 - Axis Xf40 Q2901 - Axis Xf60 Q2901 - Axis Xp40 Q1765 - Axis Xp40 Q1942 - Axis Xp60 Q1765 - Axis D201 S XPT Q6055 -	390

Common Weakness Enumeration (CWE)

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Common Attack Pattern Enumeration and Classification (CAPEC)

Buffer Overflow via Environment Variables
This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
Overflow Buffers
Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
Client-side Injection-induced Buffer Overflow
This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
Filter Failure through Buffer Overflow
In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
MIME Conversion
An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.

Nessus

NASL family	Misc.
NASL id	AXIS_ACV-128401.NASL
description	The firmware version running on the remote host is vulnerable to multiple vulnerabilities. An unauthenticated remote attacker could gain system-level unauthorized access to the affected device. Note that Nessus has not tested for these issues but has instead relied only on the application
last seen	2020-06-01
modified	2020-06-02
plugin id	117882
published	2018-10-02
reporter	This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/117882
title	AXIS Multiple Vulnerabilities (ACV-128401)
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(117882); script_version("1.3"); script_cvs_date("Date: 2019/04/05 23:25:06"); script_cve_id( "CVE-2018-10658", "CVE-2018-10659", "CVE-2018-10660", "CVE-2018-10661", "CVE-2018-10662", "CVE-2018-10663", "CVE-2018-10664" ); script_name(english:"AXIS Multiple Vulnerabilities (ACV-128401)"); script_summary(english:"Checks the firmware version of AXIS devices."); script_set_attribute(attribute:"synopsis", value: "The remote host is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The firmware version running on the remote host is vulnerable to multiple vulnerabilities. An unauthenticated remote attacker could gain system-level unauthorized access to the affected device. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number."); # https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/ script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?471d8c96"); script_set_attribute(attribute:"see_also", value:"https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"); script_set_attribute(attribute:"see_also", value:"https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"); script_set_attribute(attribute:"solution", value: "Upgrade the host firmware to the version provided in the affected product list."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-10660"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'Axis Network Camera .srv to parhand RCE'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/06/18"); script_set_attribute(attribute:"patch_publication_date", value:"2018/06/18"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/10/02"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/o:axis:network_camera_firmware"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Misc."); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("axis_www_detect.nbin", "axis_ftp_detect.nbin"); script_require_ports("Services/www", "Services/ftp", 80, 21); script_require_keys("installed_sw/AXIS device"); exit(0); } include("vcf.inc"); include("vcf_extras.inc"); patches = make_array( 'A1001', make_list('1.65.1'), 'A8004-VE', make_list('1.65.2'), 'A8105-E', make_list('1.65.2'), 'A9161', make_list('1.65.0'), 'A9188', make_list('1.65.0'), 'A9188-VE', make_list('1.65.0'), 'C1004-E', make_list('1.81.040.1'), 'C2005', make_list('1.81.040.1'), 'C3003-E', make_list('1.81.040.1'), 'C8033', make_list('1.81.040.1'), 'Companion Bullet LE', make_list('8.20.1'), 'Companion C360', make_list('7.15.2.3'), 'Companion Cube L', make_list('8.20.1'), 'Companion Cube LW', make_list('8.20.1'), 'Companion Dome V', make_list('8.20.1'), 'Companion Dome WV', make_list('8.20.1'), 'Companion Eye L', make_list('8.20.1'), 'Companion Eye LVE', make_list('8.20.1'), 'Companion Recorder 4CH', make_list('1.20.1'), 'Companion Recorder 8CH', make_list('1.20.1'), 'D2050-VE', make_list('7.35.4.2'), 'F34 Main Unit', make_list('6.50.2.3'), 'F41 Main Unit', make_list('6.50.2.3'), 'F44 Dual Audio Input', make_list('6.50.2.3'), 'F44 Main Unit', make_list('6.50.2.3'), 'FA54 Main Unit', make_list('6.55.4.5'), 'M1004-W', make_list('5.51.5'), 'M1013', make_list('5.51.5'), 'M1014', make_list('5.51.5'), 'M1025', make_list('5.51.5'), 'M1033-W', make_list('5.51.5'), 'M1034-W', make_list('5.51.5'), 'M1045-LW', make_list('8.20.1'), 'M1054', make_list('5.51.5'), 'M1065-L', make_list('8.20.1'), 'M1065-LW', make_list('8.20.1'), 'M1103', make_list('5.51.5'), 'M1104', make_list('5.51.5'), 'M1113', make_list('5.51.5'), 'M1113-E', make_list('5.51.5'), 'M1114', make_list('5.51.5'), 'M1114-E', make_list('5.51.5'), 'M1124', make_list('6.50.2.3', '8.30.1'), 'M1124-E', make_list('6.50.2.3', '8.30.1'), 'M1125', make_list('6.50.2.3', '8.30.1'), 'M1125-E', make_list('6.50.2.3', '8.30.1'), 'M1143-L', make_list('5.60.1.10'), 'M1144-L', make_list('5.60.1.10'), 'M1145', make_list('6.50.2.3'), 'M1145-L', make_list('6.50.2.3'), 'M2014-E', make_list('5.51.5'), 'M2025-LE', make_list('8.20.1'), 'M2026-LE', make_list('8.20.1'), 'M2026-LE Mk II', make_list('8.10.1.1'), 'M3004-V', make_list('5.51.5'), 'M3005-V', make_list('5.51.5'), 'M3006-V', make_list('6.50.2.3'), 'M3007-P', make_list('6.50.2.3'), 'M3007-PV', make_list('6.50.2.3'), 'M3014', make_list('5.51.5'), 'M3015', make_list('7.15.5.1'), 'M3016', make_list('7.15.5.1'), 'M3024-LVE', make_list('5.51.5'), 'M3025-VE', make_list('5.51.5'), 'M3026-VE', make_list('6.50.2.3'), 'M3027-PVE', make_list('6.50.2.3'), 'M3037-PVE', make_list('6.55.1'), 'M3044-V', make_list('8.20.1'), 'M3044-WV', make_list('8.20.1'), 'M3045-V', make_list('8.20.1'), 'M3045-WV', make_list('8.20.1'), 'M3046-V', make_list('8.20.1'), 'M3046-V 1.8mm', make_list('8.20.1'), 'M3047-P', make_list('7.15.2.3'), 'M3048-P', make_list('7.15.2.3'), 'M3104-L', make_list('8.20.1'), 'M3104-LVE', make_list('8.20.1'), 'M3105-L', make_list('8.20.1'), 'M3105-LVE', make_list('8.20.1'), 'M3106-L', make_list('8.20.1'), 'M3106-L Mk II', make_list('8.10.1.1'), 'M3106-LVE', make_list('8.20.1'), 'M3106-LVE Mk II', make_list('8.10.1.1'), 'M3113-R', make_list('5.51.5'), 'M3113-VE', make_list('5.51.5'), 'M3114-R', make_list('5.51.5'), 'M3114-VE', make_list('5.51.5'), 'M3203', make_list('5.51.5'), 'M3203-V', make_list('5.51.5'), 'M3204', make_list('5.51.5'), 'M3204-V', make_list('5.51.5'), 'M5013', make_list('5.51.5'), 'M5013-V', make_list('5.51.5'), 'M5014', make_list('5.51.5'), 'M5014-V', make_list('5.51.5'), 'M5054', make_list('6.53.2.1'), 'M5055', make_list('6.53.2.1'), 'M5065', make_list('6.53.2.1'), 'M5525-E', make_list('8.20.1'), 'M7010', make_list('5.51.5'), 'M7011', make_list('6.50.2.3'), 'M7014', make_list('5.51.5'), 'M7016', make_list('5.51.5'), 'P1125-Z', make_list('7.10.1.1'), 'P1125-ZL', make_list('7.10.1.1'), 'P1126-Z', make_list('7.10.1.1'), 'P1126-ZL', make_list('7.10.1.1'), 'P1204', make_list('5.51.5'), 'P1214', make_list('5.51.5'), 'P1214-E', make_list('5.51.5'), 'P1224-E', make_list('5.51.5'), 'P1244', make_list('6.50.2.3', '8.20.1'), 'P1245', make_list('6.50.2.3', '8.20.1'), 'P1254', make_list('6.50.2.3', '8.20.1'), 'P1264', make_list('6.50.2.3', '8.20.1'), 'P1265', make_list('6.50.2.3', '8.20.1'), 'P1275', make_list('6.50.2.3', '8.20.1'), 'P1280', make_list('6.55.2.3'), 'P1290', make_list('6.55.2.3'), 'P1325-Z', make_list('7.10.1.1'), 'P1343', make_list('5.51.5'), 'P1343-E', make_list('5.51.5'), 'P1344', make_list('5.51.5'), 'P1344-E', make_list('5.51.5'), 'P1346', make_list('5.51.5'), 'P1346-E', make_list('5.51.5'), 'P1347', make_list('5.51.5'), 'P1347-E', make_list('5.51.5'), 'P1353', make_list('6.50.2.3'), 'P1353-E', make_list('6.50.2.3'), 'P1354', make_list('6.50.2.3'), 'P1354-E', make_list('6.50.2.3'), 'P1355', make_list('5.60.1.10'), 'P1355-E', make_list('5.60.1.10'), 'P1357', make_list('6.50.2.3'), 'P1357-E', make_list('6.50.2.3'), 'P1364', make_list('6.50.2.3', '8.20.1'), 'P1364-E', make_list('6.50.2.3', '8.20.1'), 'P1365', make_list('6.50.2.3'), 'P1365 Mk II', make_list('6.50.2.3', '8.20.1'), 'P1365-E', make_list('6.50.2.3'), 'P1365-E Mk II', make_list('6.50.2.3', '8.20.1'), 'P1367', make_list('8.20.1'), 'P1367-E', make_list('8.20.1'), 'P1368-E', make_list('8.20.1'), 'P1405-E', make_list('6.50.2.3'), 'P1405-LE', make_list('6.50.2.3'), 'P1405-LE Mk II', make_list('8.20.1'), 'P1425-E', make_list('6.50.2.3'), 'P1425-LE', make_list('6.50.2.3'), 'P1425-LE Mk II', make_list('8.20.1'), 'P1427-E', make_list('6.50.2.3'), 'P1427-LE', make_list('6.50.2.3'), 'P1428-E', make_list('6.50.2.3'), 'P1435-E', make_list('6.50.2.3', '8.20.1'), 'P1435-LE', make_list('6.50.2.3', '8.20.1'), 'P1447-LE', make_list('8.20.1'), 'P1448-LE', make_list('8.20.1'), 'P3114-I', make_list('6.50.3.2'), 'P3114-Z', make_list('6.50.3.2'), 'P3115-I', make_list('6.50.3.2'), 'P3115-Z', make_list('6.50.3.2'), 'P3125-Z', make_list('7.10.1.1'), 'P3214-V', make_list('6.50.2.3'), 'P3214-VE', make_list('6.50.2.3'), 'P3215-V', make_list('6.50.2.3'), 'P3215-VE', make_list('6.50.2.3'), 'P3224-LV', make_list('6.50.2.3'), 'P3224-LV Mk II', make_list('8.20.1'), 'P3224-LVE', make_list('6.50.2.3'), 'P3224-LVE Mk II', make_list('8.20.1'), 'P3224-V Mk II', make_list('8.20.1'), 'P3224-VE Mk II', make_list('8.20.1'), 'P3225-LV', make_list('6.50.2.3'), 'P3225-LV Mk II', make_list('8.20.1'), 'P3225-LVE', make_list('6.50.2.3'), 'P3225-LVE Mk II', make_list('8.20.1'), 'P3225-V Mk II', make_list('8.20.1'), 'P3225-VE Mk II', make_list('8.20.1'), 'P3227-LV', make_list('8.20.1'), 'P3227-LVE', make_list('8.20.1'), 'P3228-LV', make_list('8.20.1'), 'P3228-LVE', make_list('8.20.1'), 'P3301', make_list('5.51.5'), 'P3301-V', make_list('5.51.5'), 'P3304', make_list('5.51.5'), 'P3304-V', make_list('5.51.5'), 'P3314-Z', make_list('6.50.3'), 'P3314-ZL', make_list('6.50.3'), 'P3315-Z', make_list('6.50.3'), 'P3315-ZL', make_list('6.50.3'), 'P3343', make_list('5.51.5'), 'P3343-V', make_list('5.51.5'), 'P3343-VE', make_list('5.51.5'), 'P3344', make_list('5.51.5'), 'P3344-V', make_list('5.51.5'), 'P3344-VE', make_list('5.51.5'), 'P3346', make_list('5.51.5'), 'P3346-V', make_list('5.51.5'), 'P3346-VE', make_list('5.51.5'), 'P3353', make_list('6.50.2.3'), 'P3354', make_list('6.50.2.3'), 'P3363-V', make_list('6.50.2.3'), 'P3363-VE', make_list('6.50.2.3'), 'P3364-LV', make_list('6.50.2.3'), 'P3364-LVE', make_list('6.50.2.3'), 'P3364-V', make_list('6.50.2.3'), 'P3364-VE', make_list('6.50.2.3'), 'P3365-V', make_list('6.50.2.3'), 'P3365-VE', make_list('6.50.2.3'), 'P3367-V', make_list('6.50.2.3'), 'P3367-VE', make_list('6.50.2.3'), 'P3374-LV', make_list('8.20.1'), 'P3374-V', make_list('8.20.1'), 'P3375-LV', make_list('8.20.1'), 'P3375-LVE', make_list('8.20.1'), 'P3375-V', make_list('8.20.1'), 'P3375-VE', make_list('8.20.1'), 'P3384-V', make_list('6.50.2.3'), 'P3384-VE', make_list('6.50.2.3'), 'P3705-Z', make_list('6.40.3.2'), 'P3706-Z', make_list('6.40.3.2'), 'P3707-PE', make_list('6.50.2.3'), 'P3904-R', make_list('6.50.2.3'), 'P3904-R Mk II', make_list('6.50.2.3'), 'P3905-R', make_list('6.50.2.3'), 'P3905-R Mk II', make_list('6.50.2.3'), 'P3905-RE', make_list('6.50.2.3'), 'P3915-R', make_list('6.50.2.3'), 'P3915-R Mk II', make_list('6.50.2.3'), 'P5414-E', make_list('6.50.2.3'), 'P5415-E', make_list('6.50.2.3'), 'P5512', make_list('5.51.5'), 'P5512-E', make_list('5.51.5'), 'P5514', make_list('6.50.2.3', '8.20.1'), 'P5514-E', make_list('6.50.2.3', '8.20.1'), 'P5515', make_list('6.50.2.3', '8.20.1'), 'P5515-E', make_list('6.50.2.3', '8.20.1'), 'P5522', make_list('5.51.5'), 'P5522-E', make_list('5.51.5'), 'P5532', make_list('5.41.4'), 'P5532-E', make_list('5.41.4'), 'P5534', make_list('5.41.4'), 'P5534-E', make_list('5.41.4'), 'P5544', make_list('5.41.2.6'), 'P5624-E', make_list('6.50.2.3'), 'P5624-E Mk II', make_list('6.50.2.3', '8.20.1'), 'P5635-E', make_list('6.50.2.3'), 'P5635-E Mk II', make_list('6.50.2.3', '8.20.1'), 'P5635-ZE', make_list('5.75.3.3'), 'P7210', make_list('5.51.5'), 'P7214', make_list('5.51.5'), 'P7216', make_list('5.51.5'), 'P7224 Blade', make_list('5.51.5'), 'P8513', make_list('5.51.5'), 'P8514', make_list('5.51.5'), 'P8524', make_list('5.51.5'), 'Q1602', make_list('6.50.2.3'), 'Q1602-E', make_list('6.50.2.3'), 'Q1604', make_list('6.50.2.3'), 'Q1604-E', make_list('6.50.2.3'), 'Q1605-Z', make_list('7.10.1.1'), 'Q1614', make_list('6.50.2.3'), 'Q1614-E', make_list('6.50.2.3'), 'Q1615', make_list('6.50.2.3'), 'Q1615 Mk II', make_list('8.20.1'), 'Q1615-E', make_list('6.50.2.3'), 'Q1615-E Mk II', make_list('8.20.1'), 'Q1635', make_list('6.50.2.3'), 'Q1635-E', make_list('6.50.2.3'), 'Q1635-Z', make_list('6.50.3'), 'Q1645', make_list('8.20.1'), 'Q1647', make_list('8.20.1'), 'Q1659', make_list('6.56.2.1'), 'Q1755', make_list('5.51.5'), 'Q1755-E', make_list('5.51.5'), 'Q1765-LE', make_list('6.50.2.3'), 'Q1765-LE PT Mount', make_list('6.50.2.3'), 'Q1775', make_list('6.50.2.3', '8.20.1'), 'Q1775-E', make_list('6.50.2.3', '8.20.1'), 'Q1910', make_list('5.51.5'), 'Q1910-E', make_list('5.51.5'), 'Q1921', make_list('5.51.5'), 'Q1921-E', make_list('5.51.5'), 'Q1922', make_list('5.51.5'), 'Q1922-E', make_list('5.51.5'), 'Q1931-E', make_list('6.50.2.3'), 'Q1931-E PT Mount', make_list('6.50.2.3'), 'Q1932-E', make_list('6.50.2.3'), 'Q1932-E PT Mount', make_list('6.50.2.3'), 'Q1941-E', make_list('8.20.1'), 'Q1941-E PT Mount', make_list('6.55.1.2'), 'Q1942-E', make_list('8.20.1'), 'Q1942-E PT Mount', make_list('6.55.1.2'), 'Q2901-E', make_list('6.50.2.3'), 'Q2901-E PT Mount', make_list('6.50.2.3'), 'Q3504-V', make_list('8.20.1'), 'Q3504-VE', make_list('8.20.1'), 'Q3505-SVE Mk II', make_list('8.20.1'), 'Q3505-V', make_list('6.50.2.3'), 'Q3505-V Mk II', make_list('8.20.1'), 'Q3505-VE', make_list('6.50.2.3'), 'Q3505-VE Mk II', make_list('8.20.1'), 'Q3515-LV', make_list('8.20.1'), 'Q3515-LVE', make_list('8.20.1'), 'Q3517-LV', make_list('8.20.1'), 'Q3517-LVE', make_list('8.20.1'), 'Q3615-VE', make_list('8.20.1'), 'Q3617-VE', make_list('8.20.1'), 'Q3708-PVE', make_list('5.95.4.7'), 'Q3709-PVE', make_list('5.75.1.9'), 'Q6000-E', make_list('6.50.2.3'), 'Q6000-E Mk II', make_list('6.50.2.3'), 'Q6032', make_list('5.41.4'), 'Q6032-C', make_list('5.41.3.4'), 'Q6032-E', make_list('5.41.4'), 'Q6034', make_list('5.41.4'), 'Q6034-C', make_list('5.41.3.4'), 'Q6034-E', make_list('5.41.4'), 'Q6035', make_list('5.41.4'), 'Q6035-C', make_list('5.41.4'), 'Q6035-E', make_list('5.41.4'), 'Q6042', make_list('6.50.2.3'), 'Q6042-C', make_list('6.50.2.3'), 'Q6042-E', make_list('6.50.2.3'), 'Q6042-S', make_list('6.50.2.3'), 'Q6044', make_list('6.50.2.3'), 'Q6044-C', make_list('6.50.2.3'), 'Q6044-E', make_list('6.50.2.3'), 'Q6044-S', make_list('6.50.2.3'), 'Q6045', make_list('5.70.1.7'), 'Q6045 Mk II', make_list('6.50.2.3'), 'Q6045-C', make_list('5.70.1.7'), 'Q6045-C Mk II', make_list('6.50.2.3'), 'Q6045-E', make_list('5.70.1.7'), 'Q6045-E Mk II', make_list('6.50.2.3'), 'Q6045-S', make_list('5.70.1.7'), 'Q6045-S Mk II', make_list('6.50.2.3'), 'Q6052', make_list('6.50.2.3', '8.20.1'), 'Q6052-E', make_list('6.50.2.3', '8.20.1'), 'Q6054', make_list('6.50.2.3', '8.20.1'), 'Q6054 Mk II', make_list('8.20.1'), 'Q6054-E', make_list('6.50.2.3', '8.20.1'), 'Q6054-E Mk II', make_list('8.20.1'), 'Q6055', make_list('6.50.2.3', '8.20.1'), 'Q6055-C', make_list('6.50.2.3', '8.20.1'), 'Q6055-E', make_list('6.50.2.3', '8.20.1'), 'Q6055-S', make_list('6.50.2.3', '8.20.1'), 'Q6114-E', make_list('6.50.2.3'), 'Q6115-E', make_list('6.50.2.3'), 'Q6124-E', make_list('8.20.1'), 'Q6125-LE', make_list('8.20.1'), 'Q6128-E', make_list('6.50.2.3'), 'Q6155-E', make_list('6.50.2.3', '8.20.1'), 'Q7401', make_list('5.51.5'), 'Q7404', make_list('5.51.5'), 'Q7406 Blade', make_list('5.51.5'), 'Q7411', make_list('6.50.2.3'), 'Q7414 Blade', make_list('5.51.5'), 'Q7424-R', make_list('5.51.5'), 'Q7424-R Mk II', make_list('5.51.3.5'), 'Q7436 Blade', make_list('6.50.2.3'), 'Q8414-LVS', make_list('6.50.2.3'), 'Q8631-E', make_list('6.50.2.3'), 'Q8632-E', make_list('6.50.2.3'), 'Q8641-E', make_list('6.55.1.2'), 'Q8642-E', make_list('6.55.1.2'), 'Q8655-ZLE', make_list('5.55.2.5'), 'Q8665-E', make_list('6.50.2.3'), 'Q8665-LE', make_list('6.50.2.3'), 'Q8675-ZE', make_list('6.20.3.2'), 'Q8685-E', make_list('6.55.1.3'), 'Q8685-LE', make_list('6.55.1.3'), 'Q8721-E', make_list('5.50.2.5'), 'Q8722-E', make_list('5.50.2.5'), 'Q8741-E', make_list('7.15.3.2'), 'Q8741-LE', make_list('7.15.3.2'), 'Q8742-E', make_list('7.15.3.2'), 'Q8742-LE', make_list('7.15.3.2'), 'Q8742-E Zoom', make_list('7.15.3.2'), 'Q8742-LE Zoom', make_list('7.15.3.2'), 'V5914', make_list('5.75.1.10'), 'V5915', make_list('5.75.1.10') ); app_info = vcf::axis::get_app_info(); constraints = vcf::axis::generate_constraints(app_info:app_info, patch_array:patches); vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

Nessus

References