Axis Axis_os_2020

7 CVEs affecting Axis Axis_os_2020. Latest disclosed: 2024-02-05. Critical: 0, High: 4.

Top CVEs affecting Axis Axis_os_2020
CVESeverityScorePublishedSummary
CVE-2021-31988High8.82021-10-05A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) co…
CVE-2021-31987High7.52021-10-05A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients.
CVE-2023-21418High7.12023-11-21Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API irissetup.cgi was vulnerable to path traversal attacks that allows for fil…
CVE-2023-21417High7.12023-11-21Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allo…
CVE-2021-31986Medium6.82021-10-05User controlled parameters related to SMTP notifications are not correctly validated. This can lead to a buffer overflow resulting in crashes and data leakage.
CVE-2023-21415Medium6.52023-10-16Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del.cgi is vulnerable to path traversal attacks that allows for fi…
CVE-2023-5800Medium5.42024-02-05Vintage, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay.cgi did not have a sufficient input validation allowing for a po…