Home
MEDIUM: 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LDefault status
unaffected
6.50.0 (semver) before 6.50.5.21
affected
7.0.0 (semver) before 8.40.89
affected
9.0.0 (semver) before 9.80.123
affected
10.0.0 (semver) before 10.12.305
affected
11.0.0 (semver) before 11.11.177
affected
12.0.0 (semver) before 12.7.11
affected
Description
The VAPIX API port.cgi did not have sufficient input validation, which may result in process crashes and impact usability. This vulnerability can only be exploited after authenticating with a viewer- operator- or administrator-privileged service account.
Problem types
CWE-1287: Improper Validation of Specified Type of Input
Product status
6.50.0 (semver) before 6.50.5.21
7.0.0 (semver) before 8.40.89
9.0.0 (semver) before 9.80.123
10.0.0 (semver) before 10.12.305
11.0.0 (semver) before 11.11.177
12.0.0 (semver) before 12.7.11
Credits
Mucoze
References
www.axis.com/...c/f1/f0/1e/cve-2025-9524pdf-en-US-504220.pdf
