5 matches found
CVE-2025-0324
The VAPIX Device Configuration framework allowed a privilege escalation, enabling a lower-privileged user to gain administrator privileges...
CVE-2025-0358
CVE-2025-0358 concerns Axis Communications’ VAPIX Device Configuration framework. Multiple connected sources indicate a privilege-escalation flaw where a lower-privileged user can gain administrator privileges. CNNVD specifies Axis OS versions 12.0–12.3 with the issue arising from improper privil...
CVE-2025-0324
The VAPIX Device Configuration framework allowed a privilege escalation, enabling a lower-privileged user to gain administrator privileges...
CVE-2025-0324
AXIS OS (Axis Communications) vulnerability CVE-2025-0324 affects AXIS OS versions 11.8 through 12.2, via the VAPIX Device Configuration framework, causing privilege escalation from a lower-privileged user to administrator. Root cause described as an elevation of privilege issue. Public details a...
CVE-2025-0361
During an annual penetration test conducted on behalf of Axis Communications, Truesec discovered a flaw in the VAPIX Device Configuration framework that allowed for unauthenticated username enumeration through the VAPIX Device Configuration SSH Management API...