Filtered by vendor Axis Subscriptions
Total 67 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2003-1386 1 Axis 2 2400 Video Server, 2401 Video Server 2024-11-21 N/A
AXIS 2400 Video Server 2.00 through 2.33 allows remote attackers to obtain sensitive information via an HTTP request to /support/messages, which displays the server's /var/log/messages file.
CVE-2003-0240 1 Axis 9 2100 Network Camera, 2110 Network Camera, 2120 Network Camera and 6 more 2024-11-21 N/A
The web-based administration capability for various Axis Network Camera products allows remote attackers to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash).
CVE-2001-1543 1 Axis 5 2100 Network Camera, 2110 Network Camera, 2120 Network Camera and 2 more 2024-11-21 N/A
Axis network camera 2120, 2110, 2100, 200+ and 200 contains a default administration password "pass", which allows remote attackers to gain access to the camera.
CVE-2000-0191 1 Axis 1 Storpoint Cd 2024-11-21 N/A
Axis StorPoint CD allows remote attackers to access administrator URLs without authentication via a .. (dot dot) attack.
CVE-2000-0144 1 Axis 1 700 Network Document Server 2024-11-21 N/A
Axis 700 Network Scanner does not properly restrict access to administrator URLs, which allows users to bypass the password protection via a .. (dot dot) attack.
CVE-2024-7784 1 Axis 1 Axis Os 2024-11-08 6.1 Medium
During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the protection for device tampering (commonly known as Secure Boot) in AXIS OS making it vulnerable to a sophisticated attack to bypass this protection. To Axis' knowledge, there are no known exploits of the vulnerability at this time. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
CVE-2024-6979 1 Axis 1 Axis Os 2024-11-08 6.8 Medium
Amin Aliakbari, member of the AXIS OS Bug Bounty Program, has found a broken access control which would lead to less-privileged operator- and/or viewer accounts having more privileges than designed. The risk of exploitation is very low as it requires complex steps to execute, including knowing of account passwords and social engineering attacks in tricking the administrator to perform specific configurations on operator- and/or viewer-privileged accounts. Axis has released patched AXIS OS a version for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.