Home
LOW: 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:LDefault status
unaffected
6.50.0 (semver) before 6.50.5.22
affected
7.0.0 (semver) before 8.40.90
affected
9.0.0 (semver) before 9.80.124
affected
10.0.0 (semver) before 10.12.306
affected
11.0.0 (semver) before 11.11.178
affected
12.0.0 (semver) before 12.7.27
affected
Description
It was possible to upload files with a specific name to a temporary directory, which may result in process crashes and impact usability. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account.
Problem types
CWE-73: External Control of File Name or Path
Product status
6.50.0 (semver) before 6.50.5.22
7.0.0 (semver) before 8.40.90
9.0.0 (semver) before 9.80.124
10.0.0 (semver) before 10.12.306
11.0.0 (semver) before 11.11.178
12.0.0 (semver) before 12.7.27
Credits
Mucoze
References
www.axis.com/...c/f5/62/80/cve-2025-8998pdf-en-US-504374.pdf
