Lucene search
K

9 matches found

EUVD
EUVD
added 2026/05/12 9:31 a.m.11 views

EUVD-2026-29384

An ACAP configuration file lacked sufficient input validation, which could allow command injection and potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker...

6CVSS5.8AI score0.00396EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.13 views

PT-2026-39939

An ACAP configuration file lacked sufficient input validation, which could allow command injection and potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker...

6CVSS5.8AI score0.00396EPSS
Exploits0References2
NVD
NVD
added 2025/11/11 7:15 a.m.6 views

CVE-2025-5718

The ACAP Application framework could allow privilege escalation through a symlink attack. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP...

6.8CVSS0.00347EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/11 7:5 a.m.2 views

CVE-2025-6779

An ACAP configuration file has improper permissions, which could allow command injection and potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces th...

6.7CVSS5.6AI score0.01088EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/11 6:52 a.m.10 views

CVE-2025-5718

The ACAP Application framework could allow privilege escalation through a symlink attack. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP...

6.8CVSS0.00347EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/11 6:50 a.m.7 views

CVE-2025-5454

An ACAP configuration file lacked sufficient input validation, which could allow a path traversal attack leading to potential privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker...

6.4CVSS0.00149EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/11 6:45 a.m.9 views

CVE-2025-4645

An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a...

6.7CVSS0.00145EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.5 views

AXIS OS 安全漏洞

AXIS OS is an edge device operating system from Axis Sweden. AXIS OS has a security vulnerability that originates from a malicious ACAP application that can obtain administrator-level service account credentials used by a legitimate ACAP application, potentially resulting in elevated privileges f...

6.6CVSS6.8AI score0.00286EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/12 5:14 a.m.4 views

CVE-2025-3892

ACAP applications can be executed with elevated privileges, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a maliciou...

6.7CVSS7.1AI score0.00136EPSS
Exploits0References1
Rows per page
Query Builder