Axis

Axis Os

35 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2023-21405

  • EPSS 0.07%
  • Veröffentlicht 25.07.2023 08:15:09
  • Zuletzt bearbeitet 21.11.2024 07:42:47

Knud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network Intercoms when communicating over OSDP, highlighting that the OSDP message parser crashes the pacsiod process, causing a temporary unavailability of the door...

5.3

CVE-2023-21404

  • EPSS 0.12%
  • Veröffentlicht 08.05.2023 21:15:10
  • Zuletzt bearbeitet 29.01.2025 17:15:22

AXIS OS 11.0.X - 11.3.x use a static RSA key in legacy LUA-components to protect Axis-specific source code. The static RSA key is not used in any other secure communication nor can it be used to compromise the device or any customer data.

6.8

CVE-2021-31986

  • EPSS 0.58%
  • Veröffentlicht 05.10.2021 22:15:07
  • Zuletzt bearbeitet 21.11.2024 06:06:40

User controlled parameters related to SMTP notifications are not correctly validated. This can lead to a buffer overflow resulting in crashes and data leakage.

8.8

CVE-2021-31988

  • EPSS 1.02%
  • Veröffentlicht 05.10.2021 22:15:07
  • Zuletzt bearbeitet 21.11.2024 06:06:40

A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary SMTP headers in the generated test email.

7.5

CVE-2021-31987

  • EPSS 0.11%
  • Veröffentlicht 05.10.2021 22:15:07
  • Zuletzt bearbeitet 21.11.2024 06:06:40

A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients.