Axis Camera_station_pro

11 CVEs affecting Axis Camera_station_pro. Latest disclosed: 2026-02-10. Critical: 2, High: 2.

Top CVEs affecting Axis Camera_station_pro
CVESeverityScorePublishedSummary
CVE-2025-30026Critical9.82025-07-11The AXIS Camera Station Server had a flaw that allowed to bypass authentication that is normally required.
CVE-2025-30023Critical9.02025-07-11The communication protocol used between client and server had a flaw that could lead to an authenticated user performing a remote code execution attack.
CVE-2025-11547High7.82026-02-10AXIS Camera Station Pro contained a flaw to perform a privilege escalation attack on the server as a non-admin user.
CVE-2025-30025High7.82025-07-11The communication protocol used between the server process and the service control had a flaw that could lead to a local privilege escalation.
CVE-2024-7696Medium6.32025-01-07Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible for an authenticated malicious client to tamper with audit log…
CVE-2025-1056Medium6.12025-04-23Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has identified an issue with a specific file that the server is using. A non-admin user can m…
CVE-2025-0926Medium5.92025-04-23Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible for a non-admin user to remove system files causing a boot loop…
CVE-2025-12063Medium5.72026-02-10An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions.
CVE-2025-7622Medium5.72025-08-12During an internal security assessment, a Server-Side Request Forgery (SSRF) vulnerability that allowed an authenticated attacker to access internal resources…
CVE-2025-12757Medium4.62026-02-10An AXIS Camera Station Pro feature can be exploited in a way that allows a non-admin user to view information they are not permitted to.
CVE-2025-13064Medium4.52026-02-10A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script which is executed by the server. This at…