A broken access control was found allowing for privileged escalation of the operator account to gainadministrator privileges.
8.8CVSS
8.7AI Score
0.001EPSS
Due to insufficient file permissions, unprivileged users could gain access to unencrypted user credentialsthat are used in the integration interface towards 3rd party systems.
9.8CVSS
9.3AI Score
0.002EPSS
Due to insufficient file permissions, unprivileged users could gain access to unencrypted administratorcredentials allowing the configuration of the application.
9.8CVSS
9.3AI Score
0.002EPSS
User provided input is not sanitized on the AXIS License Plate Verifier specific โapi.cgiโ allowing forarbitrary code execution.
8.8CVSS
8.7AI Score
0.002EPSS
User provided input is not sanitized in the โSettings > Access Controlโ configuration interface allowing forarbitrary code execution.
8.8CVSS
8.7AI Score
0.002EPSS
User provided input is not sanitized on the AXIS License Plate Verifier specific โsearch.cgiโ allowing forSQL injections.
8.8CVSS
8.6AI Score
0.001EPSS