📦 Axis Os

CVE-2025-0324 is a privilege escalation vulnerability in Axis VAPIX Device Configuration framework that allows authenticated low-privileged users to gain administrator privileges. This affects Axis ne...

CVE-2025-11142 is an OS command injection vulnerability in Axis camera VAPIX API's mediaclip.cgi endpoint that allows authenticated attackers with operator or administrator privileges to execute arbit...

This vulnerability in Axis Communications' VAPIX Device Configuration framework allows lower-privileged users to escalate their privileges to administrator level. It affects Axis network video product...

This vulnerability in Axis Communication's ACAP Application framework allows applications to bypass D-Bus method restrictions, potentially enabling unauthorized access to sensitive system functions. I...

This vulnerability allows attackers to bypass Secure Boot protection on AXIS OS devices, potentially enabling unauthorized firmware modifications or persistent compromise. It affects Axis network came...

This CVE describes a path traversal vulnerability in Axis camera systems' VAPIX API manageoverlayimage.cgi endpoint that allows authenticated users with operator or administrator privileges to delete ...

This vulnerability allows attackers to bypass Secure Boot protection on Axis devices, potentially enabling unauthorized firmware modifications or persistent compromise. It affects Axis devices running...

CVE-2021-31987 is an input validation vulnerability in Axis Communications products that allows attackers to bypass blocked SMTP recipients. This affects network devices with SMTP test functionality e...

This CVE describes a privilege escalation vulnerability in Axis devices where improper permissions and lack of input validation in ACAP configuration files could allow attackers to gain elevated privi...

This CVE describes a privilege escalation vulnerability in the ACAP Application framework through symlink attacks. It affects Axis devices configured to allow unsigned ACAP application installation. A...

This CVE describes a privilege escalation vulnerability in Axis ACAP applications where improper input validation allows malicious applications to gain elevated privileges. It affects Axis devices con...

CVE-2025-6779 is an improper permissions vulnerability in ACAP configuration files on Axis devices that could allow command injection and privilege escalation. This affects Axis devices configured to ...

This CVE describes a path traversal vulnerability in Axis ACAP configuration files that could allow privilege escalation. It affects Axis devices configured to allow unsigned ACAP application installa...

This vulnerability allows malicious ACAP applications to steal admin-level service account credentials from legitimate ACAP applications on Axis devices, potentially enabling privilege escalation. It ...

CVE-2025-3892 is a privilege escalation vulnerability in Axis devices that allows ACAP applications to execute with elevated privileges. This affects Axis device users who have enabled installation of...

This CVE describes an ACAP configuration file vulnerability in Axis devices that lacks sufficient input validation, potentially allowing arbitrary code execution. The vulnerability requires the device...

This vulnerability allows attackers to upload files via the VAPIX API uploadoverlayimage.cgi endpoint in Axis devices, potentially blocking access to create image overlays in the web interface. Attack...