2 matches found
CVE-2022-28861
The server in Citilog 8.0 allows an attacker in a man in the middle position between the server and its smart camera Axis M1125 to see FTP credentials in a cleartext HTTP traffic. These can be used for FTP access to the server...
PT-2022-19267 · Axis · Axis M1125
Name of the Vulnerable Software and Affected Versions: Citilog version 8.0 Description: An authentication downgrade in the server allows an attacker, in a man-in-the-middle position between the server and its smart camera Axis M1125, to achieve HTTP access to the camera. Recommendations: For...