Vulnerability Details CVE-2025-5454
An ACAP configuration file lacked sufficient input validation, which could allow a path traversal attack leading to potential privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 3.8%
CVSS Severity
CVSS v3 Score 6.4
Products affected by CVE-2025-5454
-
cpe:2.3:h:axis:a1210_(-b):-
-
cpe:2.3:h:axis:a1214:-
-
cpe:2.3:h:axis:a1601:-
-
cpe:2.3:h:axis:a1610_(-b):-
-
cpe:2.3:h:axis:a1710-b:-
-
cpe:2.3:h:axis:a1810-b:-
-
cpe:2.3:h:axis:a8207-ve_mk_ii:-
-
cpe:2.3:h:axis:c1110-e:-
-
cpe:2.3:h:axis:c1111-e:-
-
cpe:2.3:h:axis:c1210-e:-
-
cpe:2.3:h:axis:c1211-e:-
-
cpe:2.3:h:axis:c1310-e_mk_ii:-
-
cpe:2.3:h:axis:c1410_mk_ii:-
-
cpe:2.3:h:axis:c1510:-
-
cpe:2.3:h:axis:c1511:-
-
cpe:2.3:h:axis:c1610-ve:-
-
cpe:2.3:h:axis:c1710:-
-
cpe:2.3:h:axis:c1720:-
-
cpe:2.3:h:axis:c6110:-
-
cpe:2.3:h:axis:c8110:-
-
cpe:2.3:h:axis:c8210:-
-
cpe:2.3:h:axis:d1110:-
-
cpe:2.3:h:axis:d201-s_xpt_q6075:-
-
cpe:2.3:h:axis:d2110-ve:-
-
cpe:2.3:h:axis:d2210-ve:-
-
cpe:2.3:h:axis:d3110_mk_ii:-
-
cpe:2.3:h:axis:d4100-ve_mk_ii:-
-
cpe:2.3:h:axis:d4200-ve:-
-
cpe:2.3:h:axis:d6310:-
-
cpe:2.3:h:axis:excam_xf_q1785:-
-
cpe:2.3:h:axis:excam_xpt_q6075:-
-
cpe:2.3:h:axis:f9104-b_main_unit:-
-
cpe:2.3:h:axis:f9104-b_mk_ii_main_unit:-
-
cpe:2.3:h:axis:f9111-r_mk_ii_main_unit:-
-
cpe:2.3:h:axis:f9111_main_unit:-
-
cpe:2.3:h:axis:f9111_mk_ii_main_unit:-
-
cpe:2.3:h:axis:f9114-b-r_mk_ii_main_unit:-
-
cpe:2.3:h:axis:f9114-b_main_unit:-
-
cpe:2.3:h:axis:f9114-bt:-
-
cpe:2.3:h:axis:f9114_main_unit:-
-
cpe:2.3:h:axis:fa51-b:-
-
cpe:2.3:h:axis:fa51:-
-
cpe:2.3:h:axis:fa54:-
-
cpe:2.3:h:axis:i7010-safety:-
-
cpe:2.3:h:axis:i7010-ve:-
-
cpe:2.3:h:axis:i7020:-
-
cpe:2.3:h:axis:i8016-lve:-
-
cpe:2.3:h:axis:i8116-e:-
-
cpe:2.3:h:axis:i8307-ve:-
-
cpe:2.3:h:axis:m1055-l:-
-
cpe:2.3:h:axis:m1075-l:-
-
cpe:2.3:h:axis:m1135-e_mk_ii:-
-
cpe:2.3:h:axis:m1135:-
-
cpe:2.3:h:axis:m1137-e_mk_ii:-
-
cpe:2.3:h:axis:m1137:-
-
cpe:2.3:h:axis:m2035-le:-
-
cpe:2.3:h:axis:m2036-le:-
-
cpe:2.3:h:axis:m3057-plr_mk_ii:-
-
cpe:2.3:h:axis:m3085-v:-
-
cpe:2.3:h:axis:m3086-v:-
-
cpe:2.3:h:axis:m3086-v_mic:-
-
cpe:2.3:h:axis:m3088-v:-
-
cpe:2.3:h:axis:m3125-lve:-
-
cpe:2.3:h:axis:m3126-lve:-
-
cpe:2.3:h:axis:m3128-lve:-
-
cpe:2.3:h:axis:m3215-lve:-
-
cpe:2.3:h:axis:m3216-lve:-
-
cpe:2.3:h:axis:m3905-r:-
-
cpe:2.3:h:axis:m4215-lv:-
-
cpe:2.3:h:axis:m4215-v:-
-
cpe:2.3:h:axis:m4216-lv:-
-
cpe:2.3:h:axis:m4216-v:-
-
cpe:2.3:h:axis:m4218-lv:-
-
cpe:2.3:h:axis:m4218-v:-
-
cpe:2.3:h:axis:m4225-lve:-
-
cpe:2.3:h:axis:m4227-lve:-
-
cpe:2.3:h:axis:m4228-lve:-
-
cpe:2.3:h:axis:m4308-ple:-
-
cpe:2.3:h:axis:m4317-plr:-
-
cpe:2.3:h:axis:m4317-plve:-
-
cpe:2.3:h:axis:m4318-plr:-
-
cpe:2.3:h:axis:m4318-plve:-
-
cpe:2.3:h:axis:m4327-p:-
-
cpe:2.3:h:axis:m4328-p:-
-
cpe:2.3:h:axis:m5000-g:-
-
cpe:2.3:h:axis:m5000:-
-
cpe:2.3:h:axis:m5074:-
-
cpe:2.3:h:axis:m5075-g:-
-
cpe:2.3:h:axis:m5075:-
-
cpe:2.3:h:axis:m5526-e:-
-
cpe:2.3:h:axis:m7104:-
-
cpe:2.3:h:axis:m7116:-
-
cpe:2.3:h:axis:p1245_mk_ii:-
-
cpe:2.3:h:axis:p1265_mk_ii:-
-
cpe:2.3:h:axis:p1275_mk_ii:-
-
cpe:2.3:h:axis:p1385-b:-
-
cpe:2.3:h:axis:p1385-be:-
-
cpe:2.3:h:axis:p1385-e:-
-
cpe:2.3:h:axis:p1385:-
-
cpe:2.3:h:axis:p1387-b:-
-
cpe:2.3:h:axis:p1387-be:-
-
cpe:2.3:h:axis:p1387-le:-
-
cpe:2.3:h:axis:p1387:-
-
cpe:2.3:h:axis:p1388-b:-
-
cpe:2.3:h:axis:p1388-be:-
-
cpe:2.3:h:axis:p1388-le:-
-
cpe:2.3:h:axis:p1388:-
-
cpe:2.3:h:axis:p1465-le-3:-
-
cpe:2.3:h:axis:p1465-le:-
-
cpe:2.3:h:axis:p1467-le:-
-
cpe:2.3:h:axis:p1468-le:-
-
cpe:2.3:h:axis:p1468-xle:-
-
cpe:2.3:h:axis:p1475-le:-
-
cpe:2.3:h:axis:p1518-e:-
-
cpe:2.3:h:axis:p1518-le:-
-
cpe:2.3:h:axis:p3265-lv:-
-
cpe:2.3:h:axis:p3265-lve-3:-
-
cpe:2.3:h:axis:p3265-lve:-
-
cpe:2.3:h:axis:p3265-v:-
-
cpe:2.3:h:axis:p3267-lv:-
-
cpe:2.3:h:axis:p3267-lve:-
-
cpe:2.3:h:axis:p3267-lve_mic:-
-
cpe:2.3:h:axis:p3268-lv:-
-
cpe:2.3:h:axis:p3268-lve:-
-
cpe:2.3:h:axis:p3268-slve:-
-
cpe:2.3:h:axis:p3275-lv:-
-
cpe:2.3:h:axis:p3275-lve:-
-
cpe:2.3:h:axis:p3277-lv:-
-
cpe:2.3:h:axis:p3277-lve:-
-
cpe:2.3:h:axis:p3278-lv:-
-
cpe:2.3:h:axis:p3278-lve:-
-
cpe:2.3:h:axis:p3285-lv:-
-
cpe:2.3:h:axis:p3285-lve:-
-
cpe:2.3:h:axis:p3287-lv:-
-
cpe:2.3:h:axis:p3287-lve:-
-
cpe:2.3:h:axis:p3288-lv:-
-
cpe:2.3:h:axis:p3288-lve:-
-
cpe:2.3:h:axis:p3735-ple:-
-
cpe:2.3:h:axis:p3737-ple:-
-
cpe:2.3:h:axis:p3738-ple:-
-
cpe:2.3:h:axis:p3747-plve:-
-
cpe:2.3:h:axis:p3748-plve:-
-
cpe:2.3:h:axis:p3818-pve:-
-
cpe:2.3:h:axis:p3827-pve:-
-
cpe:2.3:h:axis:p3905-r_mk_iii:-
-
cpe:2.3:h:axis:p3925-lre:-
-
cpe:2.3:h:axis:p3925-r:-
-
cpe:2.3:h:axis:p3935-lr:-
-
cpe:2.3:h:axis:p4705-plve:-
-
cpe:2.3:h:axis:p4707-plve:-
-
cpe:2.3:h:axis:p4708-plve:-
-
cpe:2.3:h:axis:p5654-e:-
-
cpe:2.3:h:axis:p5654-e_mk_ii:-
-
cpe:2.3:h:axis:p5655-e:-
-
cpe:2.3:h:axis:p5676-le:-
-
cpe:2.3:h:axis:p7304:-
-
cpe:2.3:h:axis:p7316:-
-
cpe:2.3:h:axis:p9117-pv:-
-
cpe:2.3:h:axis:q1615-le_mk_iii:-
-
cpe:2.3:h:axis:q1615_mk_iii:-
-
cpe:2.3:h:axis:q1656-b:-
-
cpe:2.3:h:axis:q1656-be:-
-
cpe:2.3:h:axis:q1656-ble:-
-
cpe:2.3:h:axis:q1656-dle:-
-
cpe:2.3:h:axis:q1656-le:-
-
cpe:2.3:h:axis:q1656:-
-
cpe:2.3:h:axis:q1686-dle:-
-
cpe:2.3:h:axis:q1715:-
-
cpe:2.3:h:axis:q1728-le:-
-
cpe:2.3:h:axis:q1728:-
-
cpe:2.3:h:axis:q1798-le:-
-
cpe:2.3:h:axis:q1800-le-3:-
-
cpe:2.3:h:axis:q1800-le:-
-
cpe:2.3:h:axis:q1805-le:-
-
cpe:2.3:h:axis:q1806-le:-
-
cpe:2.3:h:axis:q1808-le:-
-
cpe:2.3:h:axis:q1809-le:-
-
cpe:2.3:h:axis:q1961-te:-
-
cpe:2.3:h:axis:q1961-xte:-
-
cpe:2.3:h:axis:q1971-e:-
-
cpe:2.3:h:axis:q1972-e:-
-
cpe:2.3:h:axis:q2101-te:-
-
cpe:2.3:h:axis:q2111-e:-
-
cpe:2.3:h:axis:q2112-e:-
-
cpe:2.3:h:axis:q3536-lve:-
-
cpe:2.3:h:axis:q3538-lve:-
-
cpe:2.3:h:axis:q3538-slve:-
-
cpe:2.3:h:axis:q3546-lve:-
-
cpe:2.3:h:axis:q3548-lve:-
-
cpe:2.3:h:axis:q3556-lve:-
-
cpe:2.3:h:axis:q3558-lve:-
-
cpe:2.3:h:axis:q3626-ve:-
-
cpe:2.3:h:axis:q3628-ve:-
-
cpe:2.3:h:axis:q3819-pve:-
-
cpe:2.3:h:axis:q3839-pve:-
-
cpe:2.3:h:axis:q3839-spve:-
-
cpe:2.3:h:axis:q4809-pve:-
-
cpe:2.3:h:axis:q6020-e:-
-
cpe:2.3:h:axis:q6074-e:-
-
cpe:2.3:h:axis:q6074:-
-
cpe:2.3:h:axis:q6075-e:-
-
cpe:2.3:h:axis:q6075-s:-
-
cpe:2.3:h:axis:q6075-se:-
-
cpe:2.3:h:axis:q6075:-
-
cpe:2.3:h:axis:q6078-e:-
-
cpe:2.3:h:axis:q6135-le:-
-
cpe:2.3:h:axis:q6225-le:-
-
cpe:2.3:h:axis:q6300-e:-
-
cpe:2.3:h:axis:q6315-le:-
-
cpe:2.3:h:axis:q6318-le:-
-
cpe:2.3:h:axis:q6355-le:-
-
cpe:2.3:h:axis:q6358-le:-
-
cpe:2.3:h:axis:q8615-e:-
-
cpe:2.3:h:axis:q8752-e:-
-
cpe:2.3:h:axis:q8752-e_mk_ii:-
-
cpe:2.3:h:axis:q9307-lv:-
-
cpe:2.3:h:axis:s3008:-
-
cpe:2.3:h:axis:s3008_mk_ii:-
-
cpe:2.3:h:axis:s3016:-
-
cpe:2.3:h:axis:s4000:-
-
cpe:2.3:h:axis:v5925:-
-
cpe:2.3:h:axis:v5938:-
-
cpe:2.3:h:axis:w100:-
-
cpe:2.3:h:axis:w101:-
-
cpe:2.3:h:axis:w102:-
-
cpe:2.3:h:axis:w110:-
-
cpe:2.3:h:axis:w120:-
-
cpe:2.3:h:axis:w401:-
-
cpe:2.3:h:axis:xc1311:-
-
cpe:2.3:h:axis:xf40-q1785:-
-
cpe:2.3:h:axis:xfq1656:-
-
cpe:2.3:h:axis:xpq1785:-
-
cpe:2.3:o:axis:axis_os:12.0.0
-
cpe:2.3:o:axis:axis_os:12.6.7