Axis Axis_os_2016
4 CVEs affecting Axis Axis_os_2016. Latest disclosed: 2023-10-16. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-31988 | High | 8.8 | 2021-10-05 | A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) co… |
CVE-2021-31987 | High | 7.5 | 2021-10-05 | A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients. |
CVE-2021-31986 | Medium | 6.8 | 2021-10-05 | User controlled parameters related to SMTP notifications are not correctly validated. This can lead to a buffer overflow resulting in crashes and data leakage. |
CVE-2023-21415 | Medium | 6.5 | 2023-10-16 | Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del.cgi is vulnerable to path traversal attacks that allows for fi… |