Axis Axis_os_2022
9 CVEs affecting Axis Axis_os_2022. Latest disclosed: 2025-04-08. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-5553 | High | 7.6 | 2023-11-21 | During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the protection for device tampering (commonly known as Secure Boot… |
CVE-2023-21418 | High | 7.1 | 2023-11-21 | Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API irissetup.cgi was vulnerable to path traversal attacks that allows for fil… |
CVE-2023-21417 | High | 7.1 | 2023-11-21 | Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allo… |
CVE-2023-21416 | High | 7.1 | 2023-11-21 | Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API dynamicoverlay.cgi was vulnerable to a Denial-of-Service attack allowing f… |
CVE-2024-0055 | Medium | 6.5 | 2024-03-19 | Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX APIs mediaclip.cgi and playclip.cgi was vulnerable for file globbing which cou… |
CVE-2023-21415 | Medium | 6.5 | 2023-10-16 | Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del.cgi is vulnerable to path traversal attacks that allows for fi… |
CVE-2023-5800 | Medium | 5.4 | 2024-02-05 | Vintage, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay.cgi did not have a sufficient input validation allowing for a po… |
CVE-2024-47261 | Medium | 4.3 | 2025-04-08 | 51l3nc3, a member of the AXIS OS Bug Bounty Program, has found that the VAPIX API uploadoverlayimage.cgi did not have sufficient input validation to allow an a… |
CVE-2024-8160 | Low | 3.8 | 2024-11-26 | Erik de Jong, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API ftptest.cgi did not have a sufficient input validation allowing for a poss… |