Skip to main content

Axis Communications Firmware

2 CVEs product

Monthly

CVE-2015-8258 HIGH POC THREAT Act Now

AXIS Communications products with firmware through 5.80.x allow remote attackers to modify arbitrary files as root via vectors involving Open Script Editor, aka a "resource injection vulnerability.". Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 17.4%.

Code Injection Axis Communications Firmware
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
17.4%
CVE-2015-8255 HIGH POC This Week

AXIS Communications products allow CSRF, as demonstrated by admin/pwdgrp.cgi, vaconfig.cgi, and admin/local_del.cgi. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Axis Communications Firmware
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
0.4%
EPSS 17% CVSS 7.5
HIGH POC THREAT Act Now

AXIS Communications products with firmware through 5.80.x allow remote attackers to modify arbitrary files as root via vectors involving Open Script Editor, aka a "resource injection vulnerability.". Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 17.4%.

Code Injection Axis Communications Firmware
NVD Exploit-DB
EPSS 0% CVSS 8.8
HIGH POC This Week

AXIS Communications products allow CSRF, as demonstrated by admin/pwdgrp.cgi, vaconfig.cgi, and admin/local_del.cgi. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Axis Communications Firmware
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy