4 matches found
CVE-2024-8160
Erik de Jong, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API ftptest.cgi did not have a sufficient input validation allowing for a possible command injection leading to being able to transfer files from/to the Axis device. This flaw can only be exploited after authenticati...
CVE-2024-8160
Summary (CVE-2024-8160) : The vulnerability affects Axis OS (AXIS OS) versions prior to the patched release. The flaw resides in the VAPIX API’s ftptest.cgi due to insufficient input validation, enabling a possible command injection that could allow transferring files to/from the Axis device. Exp...
CVE-2024-8160
Erik de Jong, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API ftptest.cgi did not have a sufficient input validation allowing for a possible command injection leading to being able to transfer files from/to the Axis device. This flaw can only be exploited after authenticati...
PT-2024-38846
Name of the Vulnerable Software and Affected Versions: AXIS OS versions prior to the patched version Description: The VAPIX API ftptest.cgi did not have sufficient input validation, allowing for a possible command injection. This could lead to the ability to transfer files from or to the Axis...