|
|
|||
| Rule General Information |
|---|
| Release Date: | 2020-04-14 | |
| Rule Name: | Axis Network Camera Command Injection Vulnerability (CVE-2018-10662) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface.The vulnerability stems from the program does not restrict user access to dbus. Attackers can use this vulnerability to access the dbus-service interface. | |
| Impact: | An attacker could exploit this vulnerability to have unspecified effect. | |
| Affected OS: | Network Device | |
| Reference: | ExploitDB:45100 https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/ https://www.axis.com/files/faq/Advisory_ACV-128401.pdf https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf |
|
| Solutions |
|---|
| The vendors have released upgrade patches to fix vulnerabilities, please visit: https://www.axis.com/files/faq/Advisory_ACV-128401.pdf |