Camera Station
Monthly
During an internal security assessment, a Server-Side Request Forgery (SSRF) vulnerability that allowed an authenticated attacker to access internal resources on the server was discovered. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. No vendor patch available.
CVE-2025-30026 is a critical authentication bypass vulnerability in AXIS Camera Station Server that allows unauthenticated remote attackers to completely compromise the system without requiring valid credentials. The flaw has a CVSS score of 9.8 with a CVSS vector indicating network-accessible, low-complexity exploitation requiring no privileges or user interaction, enabling attackers to achieve full confidentiality, integrity, and availability compromise. This vulnerability affects the AXIS Camera Station Server product line and represents an immediate and severe threat requiring emergency patching.
CVE-2025-30023 is a critical remote code execution vulnerability in a client-server communication protocol that allows authenticated users to execute arbitrary code on affected systems. The flaw affects users with valid credentials who can access the affected service over an adjacent network segment, potentially compromising confidentiality, integrity, and availability across trust boundaries. While specific product details are limited in the provided data, this represents a high-severity risk requiring immediate patching, particularly if actively exploited or if public proof-of-concept code exists.
During an internal security assessment, a Server-Side Request Forgery (SSRF) vulnerability that allowed an authenticated attacker to access internal resources on the server was discovered. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. No vendor patch available.
CVE-2025-30026 is a critical authentication bypass vulnerability in AXIS Camera Station Server that allows unauthenticated remote attackers to completely compromise the system without requiring valid credentials. The flaw has a CVSS score of 9.8 with a CVSS vector indicating network-accessible, low-complexity exploitation requiring no privileges or user interaction, enabling attackers to achieve full confidentiality, integrity, and availability compromise. This vulnerability affects the AXIS Camera Station Server product line and represents an immediate and severe threat requiring emergency patching.
CVE-2025-30023 is a critical remote code execution vulnerability in a client-server communication protocol that allows authenticated users to execute arbitrary code on affected systems. The flaw affects users with valid credentials who can access the affected service over an adjacent network segment, potentially compromising confidentiality, integrity, and availability across trust boundaries. While specific product details are limited in the provided data, this represents a high-severity risk requiring immediate patching, particularly if actively exploited or if public proof-of-concept code exists.