Vulnerability Details CVE-2004-2425
Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to execute arbitrary commands via accent (`) and possibly other shell metacharacters in the query string to virtualinput.cgi.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.141
EPSS Ranking 94.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0948.html
- http://archives.neohapsis.com/archives/fulldisclosure/2004-08/1282.html
- http://secunia.com/advisories/12353
- http://securitytracker.com/id?1011056
- http://www.osvdb.org/9121
- http://www.securityfocus.com/bid/11011
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17076
- http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0948.html
- http://archives.neohapsis.com/archives/fulldisclosure/2004-08/1282.html
- http://secunia.com/advisories/12353
- http://securitytracker.com/id?1011056
- http://www.osvdb.org/9121
- http://www.securityfocus.com/bid/11011
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17076
Products affected by CVE-2004-2425
-
cpe:2.3:h:axis:2100_network_camera:2.12
-
cpe:2.3:h:axis:2100_network_camera:2.30
-
cpe:2.3:h:axis:2100_network_camera:2.31
-
cpe:2.3:h:axis:2100_network_camera:2.32
-
cpe:2.3:h:axis:2100_network_camera:2.33
-
cpe:2.3:h:axis:2100_network_camera:2.34
-
cpe:2.3:h:axis:2100_network_camera:2.40
-
cpe:2.3:h:axis:2100_network_camera:2.41
-
cpe:2.3:h:axis:2110_network_camera:2.12
-
cpe:2.3:h:axis:2110_network_camera:2.30
-
cpe:2.3:h:axis:2110_network_camera:2.31
-
cpe:2.3:h:axis:2110_network_camera:2.32
-
cpe:2.3:h:axis:2110_network_camera:2.34
-
cpe:2.3:h:axis:2110_network_camera:2.40
-
cpe:2.3:h:axis:2110_network_camera:2.41
-
cpe:2.3:h:axis:2120_network_camera:2.12
-
cpe:2.3:h:axis:2120_network_camera:2.30
-
cpe:2.3:h:axis:2120_network_camera:2.31
-
cpe:2.3:h:axis:2120_network_camera:2.32
-
cpe:2.3:h:axis:2120_network_camera:2.34
-
cpe:2.3:h:axis:2120_network_camera:2.40
-
cpe:2.3:h:axis:2120_network_camera:2.41
-
cpe:2.3:h:axis:2130_ptz_network_camera:2.30
-
cpe:2.3:h:axis:2130_ptz_network_camera:2.31
-
cpe:2.3:h:axis:2130_ptz_network_camera:2.32
-
cpe:2.3:h:axis:2130_ptz_network_camera:2.34
-
cpe:2.3:h:axis:2130_ptz_network_camera:2.40
-
cpe:2.3:h:axis:230_mpeg2_video_server:3.11
-
cpe:2.3:h:axis:2400_video_server:1.1
-
cpe:2.3:h:axis:2400_video_server:1.10
-
cpe:2.3:h:axis:2400_video_server:1.11
-
cpe:2.3:h:axis:2400_video_server:1.12
-
cpe:2.3:h:axis:2400_video_server:1.15
-
cpe:2.3:h:axis:2400_video_server:1.2
-
cpe:2.3:h:axis:2400_video_server:2.0
-
cpe:2.3:h:axis:2400_video_server:2.20
-
cpe:2.3:h:axis:2400_video_server:2.30
-
cpe:2.3:h:axis:2400_video_server:2.31
-
cpe:2.3:h:axis:2400_video_server:2.32
-
cpe:2.3:h:axis:2400_video_server:2.33
-
cpe:2.3:h:axis:2400_video_server:2.34
-
cpe:2.3:h:axis:2400_video_server:3.11
-
cpe:2.3:h:axis:2400_video_server:3.12
-
cpe:2.3:h:axis:2401_video_server:1.0_1
-
cpe:2.3:h:axis:2401_video_server:1.15
-
cpe:2.3:h:axis:2401_video_server:2.20
-
cpe:2.3:h:axis:2401_video_server:2.30
-
cpe:2.3:h:axis:2401_video_server:2.31
-
cpe:2.3:h:axis:2401_video_server:2.32
-
cpe:2.3:h:axis:2401_video_server:2.33
-
cpe:2.3:h:axis:2401_video_server:2.34
-
cpe:2.3:h:axis:2401_video_server:3.12
-
cpe:2.3:h:axis:2401_video_server:3.13
-
cpe:2.3:h:axis:2411_video_server:3.12
-
cpe:2.3:h:axis:2411_video_server:3.13
-
cpe:2.3:h:axis:2420_network_camera:2.12
-
cpe:2.3:h:axis:2420_network_camera:2.30
-
cpe:2.3:h:axis:2420_network_camera:2.31
-
cpe:2.3:h:axis:2420_network_camera:2.32
-
cpe:2.3:h:axis:2420_network_camera:2.33
-
cpe:2.3:h:axis:2420_network_camera:2.34
-
cpe:2.3:h:axis:2420_network_camera:2.40
-
cpe:2.3:h:axis:2420_network_camera:2.41
-
cpe:2.3:h:axis:2420_video_server:2.32
-
cpe:2.3:h:axis:2420_video_server:2.34
-
cpe:2.3:h:axis:2460_network_dvr:-
-
cpe:2.3:h:axis:2460_network_dvr:3.00
-
cpe:2.3:h:axis:2460_network_dvr:3.10
-
cpe:2.3:h:axis:2460_network_dvr:3.11
-
cpe:2.3:h:axis:2460_network_dvr:3.12
-
cpe:2.3:h:axis:2490_serial_server:-
-
cpe:2.3:h:axis:2490_serial_server:2.11.3
-
cpe:2.3:h:axis:250s_video_server:-
-
cpe:2.3:h:axis:250s_video_server:3.02
-
cpe:2.3:h:axis:250s_video_server:3.03
-
cpe:2.3:h:axis:250s_video_server:3.10
-
cpe:2.3:h:axis:storpoint_cd:-