Vulnerabilities > Axis > 207W Network Camera
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-09-18 | CVE-2007-4930 | Cross-Site Request Forgery (CSRF) vulnerability in Axis 207W Network Camera Multiple cross-site request forgery (CSRF) vulnerabilities in the AXIS 207W camera allow remote attackers to perform certain actions as administrators via (1) axis-cgi/admin/restart.cgi, (2) the user and sgrp parameters to axis-cgi/admin/pwdgrp.cgi in an add action, or (3) the server parameter to admin/restartMessage.shtml. | 4.3 |
2007-09-18 | CVE-2007-4929 | Cross-Site Scripting vulnerability in Axis 207W Network Camera Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 207W camera allow remote attackers to inject arbitrary web script or HTML via the camNo parameter to incl/image_incl.shtml, and other unspecified vectors. | 4.3 |
2007-09-18 | CVE-2007-4928 | Cryptographic Issues vulnerability in Axis 207W Network Camera The AXIS 207W camera stores a WEP or WPA key in cleartext in the configuration file, which might allow local users to obtain sensitive information. | 4.9 |
2007-09-18 | CVE-2007-4927 | Improper Input Validation vulnerability in Axis 207W Network Camera axis-cgi/buffer/command.cgi on the AXIS 207W camera allows remote authenticated users to cause a denial of service (reboot) via many requests with unique buffer names in the buffername parameter in a start action. | 3.5 |