CVE Tools

axis communications

ICS / OT / IoTcommercial

4

Cumulative CVEs

1

Monthly snapshots

#165

Peak rank

Top products

Latest CVEs

The 14 most recently published vulnerabilities affecting axis communications.

CVE-2025-30023The communication protocol used between client and server had a flaw that could lead to an authenticated user performing a remote code execution attack.9.0Jul 11, 2025
CVE-2025-0358During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that allowed a privilege escalation, enabling a l...8.8Jun 2, 2025
CVE-2025-0324The VAPIX Device Configuration framework allowed a privilege escalation, enabling a lower-privileged user to gain administrator privileges.9.4Jun 2, 2025
CVE-2025-0926Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible for a non-admin user to remove system files causing a boot loop by redirecting a file deletion when r...5.9Apr 23, 2025
CVE-2025-1056Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has identified an issue with a specific file that the server is using. A non-admin user can modify this file to either create files...6.1Apr 23, 2025
CVE-2023-5553During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the protection for device tampering (commonly known as Secure Boot) in AXIS OS making it vulnerable to a...7.6Nov 21, 2023
CVE-2023-21418Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API irissetup.cgi was vulnerable to path traversal attacks that allows for file deletion. This flaw can only be expl...7.1Nov 21, 2023
CVE-2023-21417Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw...7.1Nov 21, 2023
CVE-2023-21416Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API dynamicoverlay.cgi was vulnerable to a Denial-of-Service attack allowing for an attacker to block access to the ...7.1Nov 21, 2023
CVE-2023-21415Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del.cgi is vulnerable to path traversal attacks that allows for file deletion. This flaw can only be exp...6.5Oct 16, 2023
CVE-2023-21412Non-sanitized user input could lead to SQL injections in AXIS License Plate Verifier7.2Aug 3, 2023
CVE-2023-21410Non-sanitized user input could lead to arbitrary code execution in AXIS License Plate Verifier7.2Aug 3, 2023
CVE-2023-21406Heap-based buffer overflow in Axis A1001 Network Door Controller's OSDP communication7.1Jul 25, 2023
CVE-2023-21405Denial-of-Service vulnerability in Axis Network Door Controller's and Axis Network Intercom's OSDP communication6.5Jul 25, 2023