Vulnerability in Axis Axis_os

CVE-2024-47261

51l3nc3, a member of the AXIS OS Bug Bounty Program, has found that the VAPIX API uploadoverlayimage.cgi did not have sufficient input validation to allow an attacker to upload files to block access to create image overlays in the web inte…

EPSS: 0.003 (24.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2024-47261?
CVE-2024-47261 is a medium-severity vulnerability in Axis Axis_os, classified under CWE-1287. CVSS score: 4.3/10. Published 2025-04-08.
How severe is CVE-2024-47261?
Medium severity. CVSS v3 base score is 4.3 out of 10.