Vulnerabilites related to axis - q7414_firmware
cve-2023-5677
Vulnerability from cvelistv5
Published
2024-02-05 05:20
Modified
2024-11-08 08:24
Severity ?
EPSS score ?
Summary
Brandon
Rothel from QED Secure Solutions has found that the VAPIX API tcptest.cgi
did not have a sufficient input validation allowing for a possible remote code
execution. This flaw can only be exploited after authenticating with an
operator- or administrator-privileged service account. The impact of exploiting
this vulnerability is lower with operator-privileges compared to
administrator-privileges service accounts. Axis has released patched AXIS OS
versions for the highlighted flaw. Please refer to the Axis security advisory
for more information and solution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Axis Communications AB | AXIS OS |
Version: AXIS OS 5.51 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:07:32.550Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.axis.com/dam/public/a9/dd/f1/cve-2023-5677-en-US-424335.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"status": "affected",
"version": "AXIS OS 5.51"
}
]
}
],
"datePublic": "2024-02-05T05:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eBrandon\nRothel from QED Secure Solutions has found that the VAPIX API \u003ci\u003etcptest.cgi\u003c/i\u003e\ndid not have a sufficient input validation allowing for a possible remote code\nexecution. This flaw can only be exploited after authenticating with an\noperator- or administrator-privileged service account. The impact of exploiting\nthis vulnerability is lower with operator-privileges compared to\nadministrator-privileges service accounts. Axis has released patched AXIS OS\nversions for the highlighted flaw. Please refer to the Axis security advisory\nfor more information and solution. \u003c/p\u003e"
}
],
"value": "Brandon\nRothel from QED Secure Solutions has found that the VAPIX API tcptest.cgi\ndid not have a sufficient input validation allowing for a possible remote code\nexecution. This flaw can only be exploited after authenticating with an\noperator- or administrator-privileged service account. The impact of exploiting\nthis vulnerability is lower with operator-privileges compared to\nadministrator-privileges service accounts. Axis has released patched AXIS OS\nversions for the highlighted flaw. Please refer to the Axis security advisory\nfor more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T08:24:18.580Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/a9/dd/f1/cve-2023-5677-en-US-424335.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insufficient input validation in VAPIX API tcptext.cgi",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2023-5677",
"datePublished": "2024-02-05T05:20:24.483Z",
"dateReserved": "2023-10-20T07:48:06.861Z",
"dateUpdated": "2024-11-08T08:24:18.580Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2024-02-05 06:15
Modified
2024-11-21 08:42
Severity ?
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Brandon
Rothel from QED Secure Solutions has found that the VAPIX API tcptest.cgi
did not have a sufficient input validation allowing for a possible remote code
execution. This flaw can only be exploited after authenticating with an
operator- or administrator-privileged service account. The impact of exploiting
this vulnerability is lower with operator-privileges compared to
administrator-privileges service accounts. Axis has released patched AXIS OS
versions for the highlighted flaw. Please refer to the Axis security advisory
for more information and solution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| axis | m3024-lve_firmware | * | |
| axis | m3024-lve | - | |
| axis | m3025-ve_firmware | * | |
| axis | m3025-ve | - | |
| axis | m7014_firmware | * | |
| axis | m7014 | - | |
| axis | m7016_firmware | * | |
| axis | m7016 | - | |
| axis | p1214-e_firmware | * | |
| axis | p1214-e | - | |
| axis | p7214_firmware | * | |
| axis | p7214 | - | |
| axis | p7216_firmware | * | |
| axis | p7216 | - | |
| axis | q7401_firmware | * | |
| axis | q7401 | - | |
| axis | q7404_firmware | * | |
| axis | q7404 | - | |
| axis | q7414_firmware | * | |
| axis | q7414 | - | |
| axis | q7424-r_mk_ii_firmware | * | |
| axis | q7424-r_mk_ii | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:axis:m3024-lve_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5CD58564-8A6D-4A4A-94BC-1163A7512951",
"versionEndExcluding": "5.51.7.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:axis:m3024-lve:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51A676F7-81A2-470F-B5AE-0684596CD13F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:axis:m3025-ve_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19DB8F9A-73CB-48EE-B493-0C89BE2338FE",
"versionEndExcluding": "5.51.7.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:axis:m3025-ve:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB751571-D477-4D70-90DE-7B956A752072",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:axis:m7014_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "096D5F50-DFCB-436F-B17F-59DAB4CCDB11",
"versionEndExcluding": "5.51.7.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:axis:m7014:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37A5B7B4-9C9B-48A7-8EF6-B511BEA39456",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:axis:m7016_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55063889-8669-4EEA-AAFD-AC8C37F61A99",
"versionEndExcluding": "5.51.7.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:axis:m7016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36508E54-ED34-4706-AF59-49ACBB21B60A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:axis:p1214-e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7535314-78B5-403A-BC93-FBBDB769821C",
"versionEndExcluding": "5.51.7.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:axis:p1214-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0562D86-35D8-42A2-9784-BEF72209C2A0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:axis:p7214_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "722C5352-15D9-48DD-B64A-B8EC10DA15EC",
"versionEndExcluding": "5.51.7.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:axis:p7214:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F038A16-4542-4249-A06E-80E5456C70BC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:axis:p7216_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC60D72C-6B09-4629-A28B-D0F4248F81C0",
"versionEndExcluding": "5.51.7.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:axis:p7216:-:*:*:*:*:*:*:*",
"matchCriteriaId": "056BA315-23A3-431A-9F7B-A1758808DB6E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:axis:q7401_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B802948-6660-49AC-BBA9-7441A525D60C",
"versionEndExcluding": "5.51.7.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:axis:q7401:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15FBB812-E5B2-4152-AA6C-64138094FF90",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:axis:q7404_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "087E2F65-B69A-42DA-A354-EAE4D83EDB6D",
"versionEndExcluding": "5.51.7.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:axis:q7404:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6021F9F-3109-4D52-9C41-478AC758DBFC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:axis:q7414_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF8E6DBA-575D-4DC7-847D-4E626617A199",
"versionEndExcluding": "5.51.7.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:axis:q7414:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5592008-9957-49AD-975A-C1F6F77817AA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:axis:q7424-r_mk_ii_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75C0A14B-E3E8-4942-B87C-D71158B87905",
"versionEndExcluding": "5.51.3.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:axis:q7424-r_mk_ii:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6093F4BD-5C7E-4EE9-BA75-76FDA3D245FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Brandon\nRothel from QED Secure Solutions has found that the VAPIX API tcptest.cgi\ndid not have a sufficient input validation allowing for a possible remote code\nexecution. This flaw can only be exploited after authenticating with an\noperator- or administrator-privileged service account. The impact of exploiting\nthis vulnerability is lower with operator-privileges compared to\nadministrator-privileges service accounts. Axis has released patched AXIS OS\nversions for the highlighted flaw. Please refer to the Axis security advisory\nfor more information and solution."
},
{
"lang": "es",
"value": "Brandon Rothel de QED Secure Solutions descubri\u00f3 que la API VAPIX tcptest.cgi no ten\u00eda una validaci\u00f3n de entrada suficiente que permitiera una posible ejecuci\u00f3n remota de c\u00f3digo. Esta falla solo puede explotarse despu\u00e9s de autenticarse con una cuenta de servicio con privilegios de operador o administrador. El impacto de explotar esta vulnerabilidad es menor con privilegios de operador en comparaci\u00f3n con cuentas de servicio con privilegios de administrador. Axis ha lanzado versiones parcheadas del sistema operativo AXIS para la falla resaltada. Consulte el aviso de seguridad de Axis para obtener m\u00e1s informaci\u00f3n y soluciones."
}
],
"id": "CVE-2023-5677",
"lastModified": "2024-11-21T08:42:15.273",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4,
"source": "product-security@axis.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-05T06:15:46.690",
"references": [
{
"source": "product-security@axis.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.axis.com/dam/public/a9/dd/f1/cve-2023-5677-en-US-424335.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.axis.com/dam/public/a9/dd/f1/cve-2023-5677-en-US-424335.pdf"
}
],
"sourceIdentifier": "product-security@axis.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "product-security@axis.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}