Axis Axis_os_2024

8 CVEs affecting Axis Axis_os_2024. Latest disclosed: 2025-06-02. Critical: 1, High: 2.

Top CVEs affecting Axis Axis_os_2024
CVESeverityScorePublishedSummary
CVE-2025-0324Critical9.42025-06-02The VAPIX Device Configuration framework allowed a privilege escalation, enabling a lower-privileged user to gain administrator privileges.
CVE-2025-0359High8.52025-03-04During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the ACAP Application framework that allowed applicati…
CVE-2025-0360High7.82025-03-04During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that could l…
CVE-2024-6979Medium6.82024-09-10Amin Aliakbari, member of the AXIS OS Bug Bounty Program, has found a broken access control which would lead to less-privileged operator- and/or viewer account…
CVE-2025-0361Medium4.32025-04-08During an annual penetration test conducted on behalf of Axis Communications, Truesec discovered a flaw in the VAPIX Device Configuration framework that allowe…
CVE-2024-47261Medium4.32025-04-0851l3nc3, a member of the AXIS OS Bug Bounty Program, has found that the VAPIX API uploadoverlayimage.cgi did not have sufficient input validation to allow an a…
CVE-2024-8160Low3.82024-11-26Erik de Jong, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API ftptest.cgi did not have a sufficient input validation allowing for a poss…
CVE-2024-47259Low3.52025-03-04Girishunawane, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API dynamicoverlay.cgi did not have a sufficient input validation allowing fo…