Lucene search
K

4 matches found

NVD
NVD
added 2024/09/10 5:15 a.m.23 views

CVE-2024-6509

Marinus Pfund, member of the AXIS OS Bug Bounty Program, has found the VAPIX API alwaysmulti.cgi was vulnerable for file globbing which could lead to resource exhaustion of the Axis device. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security...

6.5CVSS0.00391EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/10 4:58 a.m.14 views

CVE-2024-6509

Marinus Pfund, member of the AXIS OS Bug Bounty Program, has found the VAPIX API alwaysmulti.cgi was vulnerable for file globbing which could lead to resource exhaustion of the Axis device. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security...

6.5CVSS7AI score0.00391EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/10 4:54 a.m.26 views

CVE-2024-0067

Marinus Pfund, member of the AXIS OS Bug Bounty Program, has found the VAPIX API ledlimit.cgi was vulnerable for path traversal attacks allowing to list folder/file names on the local file system of the Axis device. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer...

4.3CVSS0.0038EPSS
Exploits0References1
CVE
CVE
added 2024/09/10 4:54 a.m.82 views

CVE-2024-0067

CVE-2024-0067 affects Axis OS via the VAPIX API ledlimit.cgi. The vulnerability is a path traversal flaw that allows an attacker to enumerate folder/file names on the device’s local file system. It is triggered through the VAPIX ledlimit.cgi endpoint and leads to information disclosure (listing n...

4.3CVSS6.7AI score0.0038EPSS
Exploits0References1
Rows per page
Query Builder