CVE-2025-11142

The VAPIX API mediaclip.cgi that did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account...

CVE-2025-11142

The VAPIX API mediaclip.cgi that did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account...

PT-2026-7228

Name of the Vulnerable Software and Affected Versions VAPIX API affected versions not specified Description The VAPIX API’s mediaclip.cgi component lacks proper input validation, potentially allowing for remote code execution. Exploitation requires authentication with an operator- or...

PT-2024-15328 · Axis Communications · Axis Os

Name of the Vulnerable Software and Affected Versions: AXIS OS versions prior to the patched version Description: The VAPIX APIs, specifically the "mediaclip.cgi" and "playclip.cgi" endpoints, were found to be vulnerable to file globbing, which could lead to a resource exhaustion attack. This iss...