7 matches found
CVE-2004-0789
CVE-2004-0789 describes a DNS-based DoS where remote attackers can trigger CPU/network bandwidth exhaustion by causing a communications loop: (a) spoofed DNS queries using localhost as source, or (b) a crafted response that triggers another response. Affected implementations include Poslib/Posadi...
CVE-2001-1543
Axis Network Camera models 2120, 2110, 2100, 200+ and 200 are affected by CVE-2001-1543 due to a default administrator password. This root cause allows remote attackers to gain access using the credentials pass. Impact stated across multiple sources is unauthorized access to the camera. No explic...
CVE-2003-0240
CVE-2003-0240 describes an Axis Network Camera vulnerability where authentication to the admin interface can be bypassed by requesting http://camera-ip//admin/admin.shtml (double slash). This allows remote attackers to bypass restrictions and modify configuration, potentially enabling root access...
CVE-2004-2427
CVE-2004-2427 affects Axis Network Camera (versions 2.40 and earlier) and Axis Video Server (versions 3.12 and earlier). The vulnerability enables unauthenticated remote access to sensitive information via direct requests to admin/getparam.cgi, admin/systemlog.cgi, admin/serverreport.cgi, and adm...
CVE-2007-2239
The CVE-2007-2239 entry describes a stack-based buffer overflow in the SaveBMP method of AxisCamControl.ocx (Axis Camera Control, CamImage ActiveX) affecting AXIS 2100/2110/2120/2130 PTZ, 2420/2420-IR, 2400/2400+, 2401/2401+, 2411, and Panorama PTZ. Root cause: a overflow in SaveBMP handles long ...
CVE-2004-2425
CVE-2004-2425 affects Axis Network Camera (2.40 and earlier) and Axis Video Server (3.12 and earlier). The issue allows remote attackers to execute arbitrary OS commands by injecting shell metacharacters (notably the backtick) in the query string to the CGI endpoint virtualinput.cgi. The NVD entr...
CVE-2004-2426
Axis Network Camera 2.40 and earlier and Axis Video Server 3.12 and earlier are affected by a directory-traversal vulnerability that lets remote attackers bypass authentication by using a .. sequence in an HTTP POST to ServerManager.srv and then perform privileged actions such as modifying files ...