Vulnerabilities > Axis

DATE CVE VULNERABILITY TITLE RISK
2023-08-03 CVE-2023-21408 Improper Handling of Exceptional Conditions vulnerability in Axis License Plate Verifier 2.8.3
Due to insufficient file permissions, unprivileged users could gain access to unencrypted user credentials that are used in the integration interface towards 3rd party systems.
network
low complexity
axis CWE-755
critical
9.8
2023-08-03 CVE-2023-21409 Improper Handling of Exceptional Conditions vulnerability in Axis License Plate Verifier 2.8.3
Due to insufficient file permissions, unprivileged users could gain access to unencrypted administrator credentials allowing the configuration of the application.
network
low complexity
axis CWE-755
critical
9.8
2023-08-03 CVE-2023-21410 Unspecified vulnerability in Axis License Plate Verifier 2.8.3
User provided input is not sanitized on the AXIS License Plate Verifier specific “api.cgi” allowing for arbitrary code execution.
network
low complexity
axis
8.8
2023-08-03 CVE-2023-21411 Unspecified vulnerability in Axis License Plate Verifier 2.8.3
User provided input is not sanitized in the “Settings > Access Control” configuration interface allowing for arbitrary code execution.
network
low complexity
axis
8.8
2023-08-03 CVE-2023-21412 SQL Injection vulnerability in Axis License Plate Verifier 2.8.3
User provided input is not sanitized on the AXIS License Plate Verifier specific “search.cgi” allowing for SQL injections.
network
low complexity
axis CWE-89
8.8
2023-07-25 CVE-2023-21405 Unspecified vulnerability in Axis products
Knud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network Intercoms when communicating over OSDP, highlighting that the OSDP message parser crashes the pacsiod process, causing a temporary unavailability of the door-controlling functionalities meaning that doors cannot be opened or closed.
low complexity
axis
6.5
2023-07-25 CVE-2023-21406 Out-of-bounds Write vulnerability in Axis A1001 Firmware 1.65.1
Ariel Harush and Roy Hodir from OTORIO have found a flaw in the AXIS A1001 when communicating over OSDP.
low complexity
axis CWE-787
8.8
2023-05-08 CVE-2023-21404 Missing Encryption of Sensitive Data vulnerability in Axis OS
AXIS OS 11.0.X - 11.3.x use a static RSA key in legacy LUA-components to protect Axis-specific source code.
network
low complexity
axis CWE-311
5.3
2023-02-21 CVE-2023-22984 Cross-site Scripting vulnerability in Axis 207W Firmware
A Vulnerability was discovered in Axis 207W network camera.
network
low complexity
axis CWE-79
6.1
2022-06-15 CVE-2017-20049 Improper Privilege Management vulnerability in Axis products
A vulnerability, was found in legacy Axis devices such as P3225 and M3005.
network
low complexity
axis CWE-269
critical
9.8