CVE-2024-0054

Common Vulnerabilities and Exposures

Last Post by Cyber Sec 1 year ago

1 Posts

1 Users

0 Reactions

476 Views

RSS

Cyber Sec

(@cybersec)

Posts: 37

Eminent Member

Topic starter

Description

Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX APIs local_list.cgi, create_overlay.cgi and irissetup.cgi was vulnerable for file globbing which could lead to a resource exhaustion attack. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.

References

MISC: https://www.axis.com/dam/public/76/f3/1d/cve-2024-0054-en-US-432116.pdf
URL: https://www.axis.com/dam/public/76/f3/1d/cve-2024-0054-en-US-432116.pdf

Posted : 09/06/2024 9:09 am

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed