4.5
CVE-2025-13064
- EPSS 0.01%
- Veröffentlicht 10.02.2026 05:40:34
- Zuletzt bearbeitet 17.02.2026 15:10:00
- Quelle product-security@axis.com
- CVE-Watchlists
- Unerledigt
A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script which is executed by the server. This attack is only possible if the admin uses a client that have been tampered with.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Axis ≫ Camera Station Pro Version < 6.14.10768
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.01% | 0.01 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| product-security@axis.com | 4.5 | 0.9 | 3.6 |
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
|
CWE-248 Uncaught Exception
An exception is thrown from a function, but it is not caught.