Описание
The VAPIX API mediaclip.cgi that did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 12.6.54 (включая) до 12.7.36 (исключая)
cpe:2.3:o:axis:axis_os:*:*:*:*:active:*:*:*
EPSS
Процентиль: 39%
0.00499
Низкий
7.1 High
CVSS3
8.8 High
CVSS3
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 7.1
github
5 месяцев назад
The VAPIX API mediaclip.cgi that did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account.
EPSS
Процентиль: 39%
0.00499
Низкий
7.1 High
CVSS3
8.8 High
CVSS3
Дефекты
CWE-78