Vulnerabilities > Axis > Axis OS > 6.50.5.7

DATE CVE VULNERABILITY TITLE RISK
2023-11-21 CVE-2023-21418 Path Traversal vulnerability in Axis products
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API irissetup.cgi was vulnerable to path traversal attacks that allows for file deletion.
network
low complexity
axis CWE-22
7.1
2023-10-16 CVE-2023-21415 Path Traversal vulnerability in Axis products
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del.cgi is vulnerable to path traversal attacks that allows for file deletion.
network
low complexity
axis CWE-22
8.1
2023-07-25 CVE-2023-21405 Unspecified vulnerability in Axis products
Knud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network Intercoms when communicating over OSDP, highlighting that the OSDP message parser crashes the pacsiod process, causing a temporary unavailability of the door-controlling functionalities meaning that doors cannot be opened or closed.
low complexity
axis
6.5