CVE-2023-5800 in AXISinformação

Sumário

de MITRE • 05/02/2024

Vintage, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay.cgi did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservar

26/10/2023

Divulgação

05/02/2024

Moderação

aceite

Entrada

VDB-252805

CPE

pronto

EPSS

0.00684

KEV

não

Atividades

muito baixo

Fontes

Do you want to use VulDB in your project?

Use the official API to access entries easily!