Vulnerabilities > Axis > Axis OS 2022 > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-05 | CVE-2023-5800 | Code Injection vulnerability in Axis OS Vintage, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay.cgi did not have a sufficient input validation allowing for a possible remote code execution. | 8.8 |
| 2023-11-21 | CVE-2023-21417 | Path Traversal vulnerability in Axis OS Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allows for file/folder deletion. | 7.1 |
| 2023-11-21 | CVE-2023-21418 | Path Traversal vulnerability in Axis products Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API irissetup.cgi was vulnerable to path traversal attacks that allows for file deletion. | 7.1 |
| 2023-10-16 | CVE-2023-21415 | Path Traversal vulnerability in Axis products Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del.cgi is vulnerable to path traversal attacks that allows for file deletion. | 8.1 |