Skip to main content

Axis Os 2016

4 CVEs product

Monthly

CVE-2023-21415 HIGH This Week

Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del.cgi is vulnerable to path traversal attacks that allows for file deletion. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Axis Os Axis Os 2016 Axis Os 2018 Axis Os 2020 +1
NVD
CVSS 3.1
8.1
EPSS
0.6%
CVE-2021-31988 HIGH This Week

A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Axis Os Axis Os 2016 Axis Os 2018 Axis Os 2020
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2021-31987 HIGH This Week

A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Axis Os Axis Os 2016 Axis Os 2018 Axis Os 2020
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-31986 MEDIUM This Month

User controlled parameters related to SMTP notifications are not correctly validated. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Heap Overflow Axis Os Axis Os 2016 Axis Os 2018 +1
NVD
CVSS 3.1
6.8
EPSS
0.8%
EPSS 1% CVSS 8.1
HIGH This Week

Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del.cgi is vulnerable to path traversal attacks that allows for file deletion. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Axis Os Axis Os 2016 +3
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Axis Os Axis Os 2016 +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Axis Os Axis Os 2016 +2
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

User controlled parameters related to SMTP notifications are not correctly validated. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow Heap Overflow Axis Os +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy