Axis M4328-p
7 CVEs affecting Axis M4328-p. Latest disclosed: 2025-11-11. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-21414 | High | 7.1 | 2023-10-16 | NCC Group has found a flaw during the annual internal penetration test ordered by Axis Communications. The protection for device tampering (commonly known as S… |
CVE-2025-5718 | Medium | 6.8 | 2025-11-11 | The ACAP Application framework could allow privilege escalation through a symlink attack. This vulnerability can only be exploited if the Axis device is config… |
CVE-2025-8108 | Medium | 6.7 | 2025-11-11 | An ACAP configuration file has improper permissions and lacks input validation, which could potentially lead to privilege escalation. This vulnerability can on… |
CVE-2025-6779 | Medium | 6.7 | 2025-11-11 | An ACAP configuration file has improper permissions, which could allow command injection and potentially lead to privilege escalation. This vulnerability can o… |
CVE-2025-4645 | Medium | 6.7 | 2025-11-11 | An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the… |
CVE-2025-5452 | Medium | 6.6 | 2025-11-11 | A malicious ACAP application can gain access to admin-level service account credentials used by legitimate ACAP applications, leading to potential privilege es… |
CVE-2025-5454 | Medium | 6.4 | 2025-11-11 | An ACAP configuration file lacked sufficient input validation, which could allow a path traversal attack leading to potential privilege escalation. This vulner… |