CVE-2023-5800 in AXIS情報

要約

〜によって MITRE • 2024年02月05日

Vintage, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay.cgi did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

予約する

2023年10月26日

モデレーション

承諾済み

エントリ

VDB-252805

EPSS

0.00684

アクティビティ

非常低い

ソース

Want to stay up to date on a daily basis?

Enable the mail alert feature now!