Axis

Axis Os

35 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2023-21405

  • EPSS 0.07%
  • Published 25.07.2023 08:15:09
  • Last modified 21.11.2024 07:42:47

Knud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network Intercoms when communicating over OSDP, highlighting that the OSDP message parser crashes the pacsiod process, causing a temporary unavailability of the door...

5.3

CVE-2023-21404

  • EPSS 0.12%
  • Published 08.05.2023 21:15:10
  • Last modified 29.01.2025 17:15:22

AXIS OS 11.0.X - 11.3.x use a static RSA key in legacy LUA-components to protect Axis-specific source code. The static RSA key is not used in any other secure communication nor can it be used to compromise the device or any customer data.

6.8

CVE-2021-31986

  • EPSS 0.58%
  • Published 05.10.2021 22:15:07
  • Last modified 21.11.2024 06:06:40

User controlled parameters related to SMTP notifications are not correctly validated. This can lead to a buffer overflow resulting in crashes and data leakage.

8.8

CVE-2021-31988

  • EPSS 1.02%
  • Published 05.10.2021 22:15:07
  • Last modified 21.11.2024 06:06:40

A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary SMTP headers in the generated test email.

7.5

CVE-2021-31987

  • EPSS 0.11%
  • Published 05.10.2021 22:15:07
  • Last modified 21.11.2024 06:06:40

A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients.