Search
Find a vulnerability
Search criteria
18 vulnerabilities found for m1033-w_firmware by axis
CVE-2018-10664 (GCVE-0-2018-10664)
Vulnerability from nvd – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.161Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-26T17:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10664",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10664",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10663 (GCVE-0-2018-10663)
Vulnerability from nvd – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
An issue was discovered in multiple models of Axis IP Cameras. There is an Incorrect Size Calculation.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:47.420Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is an Incorrect Size Calculation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-26T17:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10663",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is an Incorrect Size Calculation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10663",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:47.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10662 (GCVE-0-2018-10662)
Vulnerability from nvd – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.exploit-db.com/exploits/45100/ | exploitx_refsource_EXPLOIT-DB |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-02T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10662",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10661 (GCVE-0-2018-10661)
Vulnerability from nvd – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.exploit-db.com/exploits/45100/ | exploitx_refsource_EXPLOIT-DB |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.231Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-02T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10661",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10661",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.231Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10660 (GCVE-0-2018-10660)
Vulnerability from nvd – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.exploit-db.com/exploits/45100/ | exploitx_refsource_EXPLOIT-DB |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.826Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-02T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10660",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10660",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10659 (GCVE-0-2018-10659)
Vulnerability from nvd – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-26T17:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10659",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10659",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10658 (GCVE-0-2018-10658)
Vulnerability from nvd – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-26T17:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10658",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9158 (GCVE-0-2018-9158)
Vulnerability from nvd – Published: 2018-04-01 18:00 – Updated: 2024-08-05 07:17
VLAI
Summary
An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. They don't employ a suitable mechanism to prevent a DoS attack, which leads to a response time delay. An attacker can use the hping3 tool to perform an IPv4 flood attack, and the services are interrupted from attack start to end.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.slideshare.net/secret/HpAEwK5qo5U4b1 | x_refsource_MISC |
Date Public
2018-04-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:17:51.455Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.slideshare.net/secret/HpAEwK5qo5U4b1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-04-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. They don\u0027t employ a suitable mechanism to prevent a DoS attack, which leads to a response time delay. An attacker can use the hping3 tool to perform an IPv4 flood attack, and the services are interrupted from attack start to end."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-01T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.slideshare.net/secret/HpAEwK5qo5U4b1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9158",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. They don\u0027t employ a suitable mechanism to prevent a DoS attack, which leads to a response time delay. An attacker can use the hping3 tool to perform an IPv4 flood attack, and the services are interrupted from attack start to end."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.slideshare.net/secret/HpAEwK5qo5U4b1",
"refsource": "MISC",
"url": "https://www.slideshare.net/secret/HpAEwK5qo5U4b1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-9158",
"datePublished": "2018-04-01T18:00:00.000Z",
"dateReserved": "2018-03-31T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:17:51.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9157 (GCVE-0-2018-9157)
Vulnerability from nvd – Published: 2018-04-01 18:00 – Updated: 2024-08-05 07:17 Disputed
VLAI
Summary
An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. The upload web page doesn't verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, which is interpreted by the Apache HTTP Server mod_include module with "<!--#exec cmd=" support. The file needs to include a specific string to meet the internal system architecture. After the webshell upload, an attacker can use the webshell to perform remote code execution such as running a system command (ls, ping, cat /etc/passwd, etc.). NOTE: the vendor reportedly indicates that this is an intended feature or functionality
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.slideshare.net/secret/pRWQOOe6rN8Iyb | x_refsource_MISC |
Date Public
2018-04-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:17:51.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.slideshare.net/secret/pRWQOOe6rN8Iyb"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-04-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. The upload web page doesn\u0027t verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, which is interpreted by the Apache HTTP Server mod_include module with \"\u003c!--#exec cmd=\" support. The file needs to include a specific string to meet the internal system architecture. After the webshell upload, an attacker can use the webshell to perform remote code execution such as running a system command (ls, ping, cat /etc/passwd, etc.). NOTE: the vendor reportedly indicates that this is an intended feature or functionality"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-01T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.slideshare.net/secret/pRWQOOe6rN8Iyb"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9157",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. The upload web page doesn\u0027t verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, which is interpreted by the Apache HTTP Server mod_include module with \"\u003c!--#exec cmd=\" support. The file needs to include a specific string to meet the internal system architecture. After the webshell upload, an attacker can use the webshell to perform remote code execution such as running a system command (ls, ping, cat /etc/passwd, etc.). NOTE: the vendor reportedly indicates that this is an intended feature or functionality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.slideshare.net/secret/pRWQOOe6rN8Iyb",
"refsource": "MISC",
"url": "https://www.slideshare.net/secret/pRWQOOe6rN8Iyb"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-9157",
"datePublished": "2018-04-01T18:00:00.000Z",
"dateReserved": "2018-03-31T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:17:51.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10662 (GCVE-0-2018-10662)
Vulnerability from cvelistv5 – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.exploit-db.com/exploits/45100/ | exploitx_refsource_EXPLOIT-DB |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-02T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10662",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10661 (GCVE-0-2018-10661)
Vulnerability from cvelistv5 – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.exploit-db.com/exploits/45100/ | exploitx_refsource_EXPLOIT-DB |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.231Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-02T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10661",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10661",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.231Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10658 (GCVE-0-2018-10658)
Vulnerability from cvelistv5 – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-26T17:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10658",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10660 (GCVE-0-2018-10660)
Vulnerability from cvelistv5 – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.exploit-db.com/exploits/45100/ | exploitx_refsource_EXPLOIT-DB |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.826Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-02T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10660",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "45100",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45100/"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10660",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10664 (GCVE-0-2018-10664)
Vulnerability from cvelistv5 – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.161Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-26T17:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10664",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10664",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10659 (GCVE-0-2018-10659)
Vulnerability from cvelistv5 – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-26T17:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10659",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10659",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:46.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10663 (GCVE-0-2018-10663)
Vulnerability from cvelistv5 – Published: 2018-06-26 18:00 – Updated: 2024-08-05 07:46
VLAI
Summary
An issue was discovered in multiple models of Axis IP Cameras. There is an Incorrect Size Calculation.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.axis.com/files/sales/ACV-128401_Affec… | x_refsource_CONFIRM |
| https://www.axis.com/files/faq/Advisory_ACV-128401.pdf | x_refsource_CONFIRM |
| https://blog.vdoo.com/2018/06/18/vdoo-discovers-s… | x_refsource_MISC |
Date Public
2018-06-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:47.420Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is an Incorrect Size Calculation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-26T17:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10663",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in multiple models of Axis IP Cameras. There is an Incorrect Size Calculation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf"
},
{
"name": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf",
"refsource": "CONFIRM",
"url": "https://www.axis.com/files/faq/Advisory_ACV-128401.pdf"
},
{
"name": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/",
"refsource": "MISC",
"url": "https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-10663",
"datePublished": "2018-06-26T18:00:00.000Z",
"dateReserved": "2018-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:46:47.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9157 (GCVE-0-2018-9157)
Vulnerability from cvelistv5 – Published: 2018-04-01 18:00 – Updated: 2024-08-05 07:17 Disputed
VLAI
Summary
An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. The upload web page doesn't verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, which is interpreted by the Apache HTTP Server mod_include module with "<!--#exec cmd=" support. The file needs to include a specific string to meet the internal system architecture. After the webshell upload, an attacker can use the webshell to perform remote code execution such as running a system command (ls, ping, cat /etc/passwd, etc.). NOTE: the vendor reportedly indicates that this is an intended feature or functionality
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.slideshare.net/secret/pRWQOOe6rN8Iyb | x_refsource_MISC |
Date Public
2018-04-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:17:51.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.slideshare.net/secret/pRWQOOe6rN8Iyb"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-04-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. The upload web page doesn\u0027t verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, which is interpreted by the Apache HTTP Server mod_include module with \"\u003c!--#exec cmd=\" support. The file needs to include a specific string to meet the internal system architecture. After the webshell upload, an attacker can use the webshell to perform remote code execution such as running a system command (ls, ping, cat /etc/passwd, etc.). NOTE: the vendor reportedly indicates that this is an intended feature or functionality"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-01T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.slideshare.net/secret/pRWQOOe6rN8Iyb"
}
],
"tags": [
"disputed"
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9157",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. The upload web page doesn\u0027t verify the file type, and an attacker can upload a webshell by making a fileUpload.shtml request for a custom .shtml file, which is interpreted by the Apache HTTP Server mod_include module with \"\u003c!--#exec cmd=\" support. The file needs to include a specific string to meet the internal system architecture. After the webshell upload, an attacker can use the webshell to perform remote code execution such as running a system command (ls, ping, cat /etc/passwd, etc.). NOTE: the vendor reportedly indicates that this is an intended feature or functionality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.slideshare.net/secret/pRWQOOe6rN8Iyb",
"refsource": "MISC",
"url": "https://www.slideshare.net/secret/pRWQOOe6rN8Iyb"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-9157",
"datePublished": "2018-04-01T18:00:00.000Z",
"dateReserved": "2018-03-31T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:17:51.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-9158 (GCVE-0-2018-9158)
Vulnerability from cvelistv5 – Published: 2018-04-01 18:00 – Updated: 2024-08-05 07:17
VLAI
Summary
An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. They don't employ a suitable mechanism to prevent a DoS attack, which leads to a response time delay. An attacker can use the hping3 tool to perform an IPv4 flood attack, and the services are interrupted from attack start to end.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.slideshare.net/secret/HpAEwK5qo5U4b1 | x_refsource_MISC |
Date Public
2018-04-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:17:51.455Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.slideshare.net/secret/HpAEwK5qo5U4b1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-04-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. They don\u0027t employ a suitable mechanism to prevent a DoS attack, which leads to a response time delay. An attacker can use the hping3 tool to perform an IPv4 flood attack, and the services are interrupted from attack start to end."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-01T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.slideshare.net/secret/HpAEwK5qo5U4b1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9158",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. They don\u0027t employ a suitable mechanism to prevent a DoS attack, which leads to a response time delay. An attacker can use the hping3 tool to perform an IPv4 flood attack, and the services are interrupted from attack start to end."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.slideshare.net/secret/HpAEwK5qo5U4b1",
"refsource": "MISC",
"url": "https://www.slideshare.net/secret/HpAEwK5qo5U4b1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-9158",
"datePublished": "2018-04-01T18:00:00.000Z",
"dateReserved": "2018-03-31T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:17:51.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}