Axis Axis_os_2018
5 CVEs affecting Axis Axis_os_2018. Latest disclosed: 2023-11-21. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-31988 | High | 8.8 | 2021-10-05 | A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) co… |
CVE-2021-31987 | High | 7.5 | 2021-10-05 | A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients. |
CVE-2023-21418 | High | 7.1 | 2023-11-21 | Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API irissetup.cgi was vulnerable to path traversal attacks that allows for fil… |
CVE-2021-31986 | Medium | 6.8 | 2021-10-05 | User controlled parameters related to SMTP notifications are not correctly validated. This can lead to a buffer overflow resulting in crashes and data leakage. |
CVE-2023-21415 | Medium | 6.5 | 2023-10-16 | Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del.cgi is vulnerable to path traversal attacks that allows for fi… |