4 matches found
CVE-2021-31986
CVE-2021-31986 affects Axis OS; the root cause is improper validation of user-controlled SMTP notification parameters, leading to a heap-based buffer overflow with potential crashes and data leakage. In Axis OS, affected tracks/versions include AXIS OS Active track 10.7 and 10.8, AXIS OS 2016 LTS tra...
CVE-2021-31987
CVE-2021-31987 affects Axis OS (embedded OS used in Axis devices). A user-controlled parameter in the SMTP test functionality is not properly validated, enabling bypass of blocked network recipients. Public disclosures describe this alongside related issues (CVE-2021-31986, CVE-2021-31988) in Axi...
CVE-2021-31988
CVE-2021-31988 affects Axis OS SMTP test functionality and involves injecting CRLF and arbitrary SMTP headers due to insufficient validation of a user-controlled parameter. The root cause, as described in multiple sources, is lack of proper input validation in the SMTP test flow, enabling SMTP he...
CVE-2023-21415
CVE-2023-21415 concerns AXIS OS: the VAPIX API endpoint overlay_del.cgi is vulnerable to a path traversal that allows deleting arbitrary files. Exploitation requires authentication with an operator- or administrator-privileged service account. Axis has released patched AXIS OS versions to address...