Axis Communications AXIS OS Improper Validation of Syntactic Correctness of Input (CVE-2024-8160)
A researcher in the AXIS OS Bug Bounty Program has found that the VAPIX API ftptest.cgi did not have a sufficient input validation allowing for a possible command injection to transfer files to/from the Axis device. This flaw can only be exploited after authenticating with an...