Summary
| Detail | |||
|---|---|---|---|
| Vendor | Axis | First view | 2018-06-26 |
| Product | p1265 Firmware | Last view | 2018-06-26 |
| Version | Type | Os | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:o:axis:p1265_firmware:*:*:*:*:*:*:*:* | 7 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.5 | 2018-06-26 | CVE-2018-10664 | An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption. |
| 7.5 | 2018-06-26 | CVE-2018-10663 | An issue was discovered in multiple models of Axis IP Cameras. There is an Incorrect Size Calculation. |
| 9.8 | 2018-06-26 | CVE-2018-10662 | An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface. |
| 9.8 | 2018-06-26 | CVE-2018-10661 | An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control. |
| 9.8 | 2018-06-26 | CVE-2018-10660 | An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection. |
| 7.5 | 2018-06-26 | CVE-2018-10659 | There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction. |
| 7.5 | 2018-06-26 | CVE-2018-10658 | There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 60% (3) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 20% (1) | CWE-200 | Information Exposure |
| 20% (1) | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('O... |
SAINT Exploits
| Description | Link |
|---|---|
| Axis IP Camera authentication bypass and command injection | More info here |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2020-03-12 | Axis Network Camera command injection attempt RuleID : 53078 - Type : SERVER-WEBAPP - Revision : 1 |
| 2020-03-12 | Axis Network Camera command injection attempt RuleID : 53077 - Type : SERVER-WEBAPP - Revision : 1 |
| 2020-03-12 | Axis Network Camera command injection attempt RuleID : 53076 - Type : SERVER-WEBAPP - Revision : 1 |
| 2020-03-12 | Axis Network Camera authorization bypass attempt RuleID : 53075 - Type : SERVER-WEBAPP - Revision : 1 |
| 2020-03-12 | Axis Network Camera command injection attempt RuleID : 53074 - Type : SERVER-WEBAPP - Revision : 1 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-10-02 | Name: The remote host is affected by multiple vulnerabilities. File: axis_acv-128401.nasl - Type: ACT_GATHER_INFO |
