High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-04-01	CVE-2018-9156	Unrestricted Upload of File with Dangerous Type vulnerability in Axis P1354 Firmware 5.90.1.1 An issue was discovered on AXIS P1354 (IP camera) Firmware version 5.90.1.1 devices. network high complexity axis CWE-434	7.5
2017-05-02	CVE-2015-8257	Command Injection vulnerability in Axis Network Camera Firmware The devtools.sh script in AXIS network cameras allows remote authenticated users to execute arbitrary commands via shell metacharacters in the app parameter to (1) app_license.shtml, (2) app_license_custom.shtml, (3) app_index.shtml, or (4) app_params.shtml. network low complexity axis CWE-77	8.8
2017-04-10	CVE-2015-8258	Injection vulnerability in Axis Communications Firmware 5.80.3 AXIS Communications products with firmware through 5.80.x allow remote attackers to modify arbitrary files as root via vectors involving Open Script Editor, aka a "resource injection vulnerability." network low complexity axis CWE-74	7.5
2017-04-10	CVE-2015-8255	Cross-Site Request Forgery (CSRF) vulnerability in Axis Communications Firmware AXIS Communications products allow CSRF, as demonstrated by admin/pwdgrp.cgi, vaconfig.cgi, and admin/local_del.cgi. network low complexity axis CWE-352	8.8