Skip to main content

Axis OS EUVDEUVD-2026-29386

| CVE-2026-1185 MEDIUM
Incorrect Permission Assignment for Critical Resource (CWE-732)
2026-05-12 Axis GHSA-f6c8-p53h-5ph7
5.4
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.4 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
Low

Lifecycle Timeline

3
Patch available
May 12, 2026 - 08:01 EUVD
Analysis Generated
May 12, 2026 - 06:45 vuln.today
CVE Published
May 12, 2026 - 05:49 nvd
MEDIUM 5.4

DescriptionCVE.org

A configuration file on the local file system had improper input validation which could allow code execution and potentially lead to privilege escalation. This vulnerability can only be exploited if an attacker can log in to the Axis device using SSH.

AnalysisAI

Improper input validation in an Axis OS configuration file allows authenticated SSH users to execute code and potentially escalate privileges. The vulnerability requires valid SSH credentials but affects all Axis OS versions, making it a significant risk for organizations running Axis network devices with SSH access exposed or shared credentials.

Technical ContextAI

The vulnerability exists in a local configuration file on Axis OS devices that lacks proper input validation (CWE-732: Incorrect Permission Assignment for Critical Resource). The affected software is Axis OS running on Axis Communications network devices, with the CPE indicating all versions are potentially vulnerable. The configuration file processing mechanism does not sanitize or validate input before execution, allowing an authenticated local or remote user with SSH access to inject commands that execute with elevated privileges. This is a post-authentication code execution flaw that leverages improper file permission or validation controls.

RemediationAI

Apply the latest Axis OS firmware version provided by Axis Communications, as specified in the official security advisory (https://www.axis.com/dam/public/69/df/8d/cve-2026-1185pdf-en-US-530733.pdf). Interim compensating controls: restrict SSH access to trusted networks using firewall rules to limit remote login capabilities, disable SSH on Axis devices that do not require remote management, enforce strong password policies for SSH-enabled accounts, implement network segmentation to isolate Axis devices from general user networks, and monitor SSH authentication logs for unauthorized access attempts. Note that all workarounds are temporary; patching is the definitive fix.

CVE-2025-0324 CRITICAL
9.4 Jun 02

Privilege escalation in Axis VAPIX framework.

CVE-2025-0358 HIGH
8.8 Jun 02

Privilege escalation vulnerability in Axis Communications' VAPIX Device Configuration framework that allows a local, aut

CVE-2021-31988 HIGH
8.8 Oct 05

A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the

CVE-2025-0359 HIGH
8.5 Mar 04

During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the ACAP Appli

CVE-2023-21415 HIGH
8.1 Oct 16

Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del.cgi is vulnerable to pa

CVE-2025-0360 HIGH
7.8 Mar 04

During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Devi

CVE-2021-31987 HIGH
7.5 Oct 05

A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass b

CVE-2023-21413 HIGH
7.2 Oct 16

GoSecure on behalf of Genetec Inc. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attac

CVE-2025-11142 HIGH
7.1 Feb 10

The VAPIX API mediaclip.cgi that did not have a sufficient input validation allowing for a possible remote code executio

CVE-2023-21418 HIGH
7.1 Nov 21

Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API irissetup.cgi was vulnerable to pat

CVE-2023-21417 HIGH
7.1 Nov 21

Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API manageoverlayimage.cgi was vulnerab

CVE-2023-5553 MEDIUM
6.8 Nov 21

During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the protection for device t

Share

EUVD-2026-29386 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy