CVE-2018-9157

An issue was discovered on AXIS M1033-W IP camera Firmware version 5.40.5.1 devices. The upload web page doesn't verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, which is interpreted by the Apache HTTP Server modinclude...

CVE-2018-9158

An issue was discovered on AXIS M1033-W IP camera Firmware version 5.40.5.1 devices. They don't employ a suitable mechanism to prevent a DoS attack, which leads to a response time delay. An attacker can use the hping3 tool to perform an IPv4 flood attack, and the services are interrupted from...

CVE-2018-9156

An issue was discovered on AXIS P1354 IP camera Firmware version 5.90.1.1 devices. The upload web page doesn't verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, which is interpreted by the Apache HTTP Server modinclude modul...

CVE-2018-9157

An issue was discovered on AXIS M1033-W IP camera Firmware version 5.40.5.1 devices. The upload web page doesn't verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, which is interpreted by the Apache HTTP Server modinclude...

PT-2018-18893 · Apache +1 · Apache Http Server +1

Name of the Vulnerable Software and Affected Versions: AXIS P1354 IP camera Firmware version 5.90.1.1 Description: An issue was discovered where the upload web page does not verify the file type, allowing an attacker to upload a webshell by making a fileUpload.shtml request for a custom .shtml...

Axis 2001 Network Camera <= 2.43 XSS Vulnerability

Axis 2001 Network Cameras are prone to cross-site scripting XSS vulnerability. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program ...

Axis Camera Multiple Products RCE (Devil's Ivy)

Binary data 7279.pasl...

AXIS Cross Site Request Forgery / Cross Site Scripting Vulnerabilities

Exploit for hardware platform in category web applications Introduction ============ Vulnerabilities were identified in the camera software by Axis. These were discovered during a black box assessment and therefore the vulnerability list should not be considered exhaustive; observations suggest...

AXIS Camera Detection via SNMP

Binary data 9683.prm...

AXIS Camera Detection via FTP

Binary data 9681.prm...

AXIS Camera Control (AxisCamControl.ocx 1.0.2.15) - BoF Exploit

No description provided by source. pre codespan style=font: 10pt Courier New;span class=general1-symbol----------------------------------------------------------------------------------------------- bPoC AXIS Camera Control AxisCamControl.ocx v. 1.0.2.15 SaveBMP Method Buffer Overflow/b original...

AXIS Camera Detection

Binary data 8301.prm...

AXIS Camera控件image_pan_tilt属性缓冲区溢出漏洞

AXIS Camera Control是一种可以在IE中观看网络流媒体的控件程序。 AXIS Camera Control的实现上存在缓冲溢出漏洞，远程恶意网站可能利用此漏洞控制用户客户端系统。 控件在处理超长的imagepantilt属性数据时存在堆溢出问题，远程恶意网站可以通过设置超长的数据触发溢出控制客户端系统。 Axis Communications Camera Control = 2.40.0.0 厂商补丁： Axis Communications ------------------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Heap overflow

Heap-based buffer overflow in the CamImage.CamImage.1 ActiveX control in AxisCamControl.ocx in AXIS Camera Control 2.40.0.0 allows remote attackers to execute arbitrary code via a long imagepantilt property value...

KLA10051 ACE vulnerability in Axis Camera Control

A buffer overflow vulnerability was found in Axis Camera Control. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited from the network at a point related to AxisCamControl.ocx via a specially designed imagepantilt property value. Origin...

Secunia Research: AXIS Camera Control &quot;image_pan_tilt&quot; Property Buffer Overflow

====================================================================== Secunia Research 23/01/2009 - AXIS Camera Control "imagepantilt" Property Buffer Overflow - ====================================================================== Table of Contents Affected...

AXIS Camera Control ActiveX buffer overflow

Buffer overflow in imagepantilt property...

CVE-2007-4928

The AXIS 207W camera stores a WEP or WPA key in cleartext in the configuration file, which might allow local users to obtain sensitive information...

CVE-2007-4930

Multiple cross-site request forgery CSRF vulnerabilities in the AXIS 207W camera allow remote attackers to perform certain actions as administrators via 1 axis-cgi/admin/restart.cgi, 2 the user and sgrp parameters to axis-cgi/admin/pwdgrp.cgi in an add action, or 3 the server parameter to...

axis-camcontrol.txt

----------------------------------------------------------------------------------------------- PoC AXIS Camera Control AxisCamControl.ocx v. 1.0.2.15 "SaveBMP" Method Buffer Overflow original advisory: http://secunia.com/advisories/25093/ author: shinnai mail: shinnaiatautisticidotorg site:...