Lucene search
HistoryAug 18, 2005 - 4:00 a.m.
CVE-2004-2425
axis
network camera
video server
remote command execution
cve-2004-2425
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.1 High
AI Score
Confidence
Low
0.057 Low
EPSS
Percentile
93.4%
Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to execute arbitrary commands via accent (`) and possibly other shell metacharacters in the query string to virtualinput.cgi.
Affected configurations
Node
axis2100_network_cameraMatch2.12
ORaxis2100_network_cameraMatch2.30
ORaxis2100_network_cameraMatch2.31
ORaxis2100_network_cameraMatch2.32
ORaxis2100_network_cameraMatch2.33
ORaxis2100_network_cameraMatch2.34
ORaxis2100_network_cameraMatch2.40
ORaxis2100_network_cameraMatch2.41
ORaxis2110_network_cameraMatch2.12
ORaxis2110_network_cameraMatch2.30
ORaxis2110_network_cameraMatch2.31
ORaxis2110_network_cameraMatch2.32
ORaxis2110_network_cameraMatch2.34
ORaxis2110_network_cameraMatch2.40
ORaxis2110_network_cameraMatch2.41
ORaxis2120_network_cameraMatch2.12
ORaxis2120_network_cameraMatch2.30
ORaxis2120_network_cameraMatch2.31
ORaxis2120_network_cameraMatch2.32
ORaxis2120_network_cameraMatch2.34
ORaxis2120_network_cameraMatch2.40
ORaxis2120_network_cameraMatch2.41
ORaxis2130_ptz_network_cameraMatch2.30
ORaxis2130_ptz_network_cameraMatch2.31
ORaxis2130_ptz_network_cameraMatch2.32
ORaxis2130_ptz_network_cameraMatch2.34
ORaxis2130_ptz_network_cameraMatch2.40
ORaxis230_mpeg2_video_serverMatch3.11
ORaxis2400_video_serverMatch1.1
ORaxis2400_video_serverMatch1.2
ORaxis2400_video_serverMatch1.10
ORaxis2400_video_serverMatch1.11
ORaxis2400_video_serverMatch1.12
ORaxis2400_video_serverMatch1.15
ORaxis2400_video_serverMatch2.0
ORaxis2400_video_serverMatch2.20
ORaxis2400_video_serverMatch2.30
ORaxis2400_video_serverMatch2.31
ORaxis2400_video_serverMatch2.32
ORaxis2400_video_serverMatch2.33
ORaxis2400_video_serverMatch2.34
ORaxis2400_video_serverMatch3.11
ORaxis2400_video_serverMatch3.12
ORaxis2401_video_serverMatch1.0_1
ORaxis2401_video_serverMatch1.15
ORaxis2401_video_serverMatch2.20
ORaxis2401_video_serverMatch2.30
ORaxis2401_video_serverMatch2.31
ORaxis2401_video_serverMatch2.32
ORaxis2401_video_serverMatch2.33
ORaxis2401_video_serverMatch2.34
ORaxis2401_video_serverMatch3.12
ORaxis2401_video_serverMatch3.13
ORaxis2411_video_serverMatch3.12
ORaxis2411_video_serverMatch3.13
ORaxis2420_network_cameraMatch2.12
ORaxis2420_network_cameraMatch2.30
ORaxis2420_network_cameraMatch2.31
ORaxis2420_network_cameraMatch2.32
ORaxis2420_network_cameraMatch2.33
ORaxis2420_network_cameraMatch2.34
ORaxis2420_network_cameraMatch2.40
ORaxis2420_network_cameraMatch2.41
ORaxis2420_video_serverMatch2.32
ORaxis2420_video_serverMatch2.34
ORaxis2460_network_dvr
ORaxis2460_network_dvrMatch3.10
ORaxis2460_network_dvrMatch3.11
ORaxis2490_serial_server
ORaxis2490_serial_serverMatch2.11.3
ORaxis250s_video_server
ORaxis250s_video_serverMatch3.03
ORaxis250s_video_serverMatch3.10
ORaxisstorpoint_cd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.1 High
AI Score
Confidence
Low
0.057 Low
EPSS
Percentile
93.4%
Related for CVE-2004-2425