Home
CRITICAL: 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:LDefault status
unaffected
11.8.0 (semver) before 11.11.140
affected
12.0.0 (semver) before 12.3.33
affected
Description
The VAPIX Device Configuration framework allowed a privilege escalation, enabling a lower-privileged user to gain administrator privileges.
Problem types
CWE-791: Incomplete Filtering of Special Elements
Product status
11.8.0 (semver) before 11.11.140
12.0.0 (semver) before 12.3.33
Credits
Malacupa
References
www.axis.com/...c/04/f3/1c/cve-2025-0324pdf-en-US-483807.pdf