CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
93.1%
Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to execute arbitrary commands via accent (`) and possibly other shell metacharacters in the query string to virtualinput.cgi.
Vendor | Product | Version | CPE |
---|---|---|---|
axis | 2100_network_camera | 2.12 | cpe:2.3:h:axis:2100_network_camera:2.12:*:*:*:*:*:*:* |
axis | 2100_network_camera | 2.30 | cpe:2.3:h:axis:2100_network_camera:2.30:*:*:*:*:*:*:* |
axis | 2100_network_camera | 2.31 | cpe:2.3:h:axis:2100_network_camera:2.31:*:*:*:*:*:*:* |
axis | 2100_network_camera | 2.32 | cpe:2.3:h:axis:2100_network_camera:2.32:*:*:*:*:*:*:* |
axis | 2100_network_camera | 2.33 | cpe:2.3:h:axis:2100_network_camera:2.33:*:*:*:*:*:*:* |
axis | 2100_network_camera | 2.34 | cpe:2.3:h:axis:2100_network_camera:2.34:*:*:*:*:*:*:* |
axis | 2100_network_camera | 2.40 | cpe:2.3:h:axis:2100_network_camera:2.40:*:*:*:*:*:*:* |
axis | 2100_network_camera | 2.41 | cpe:2.3:h:axis:2100_network_camera:2.41:*:*:*:*:*:*:* |
axis | 2110_network_camera | 2.12 | cpe:2.3:h:axis:2110_network_camera:2.12:*:*:*:*:*:*:* |
axis | 2110_network_camera | 2.30 | cpe:2.3:h:axis:2110_network_camera:2.30:*:*:*:*:*:*:* |