Axis: >> License Plate Verifier Security Vulnerabilities
User provided input is not sanitized in the “Settings > Access Control” configuration interface allowing for
arbitrary code execution.
CVSS Score
7.2
EPSS Score
0.002
Published
2023-08-03
User provided input is not sanitized on the AXIS License Plate Verifier specific “search.cgi” allowing for
SQL injections.
CVSS Score
7.2
EPSS Score
0.002
Published
2023-08-03
A broken access control was found allowing for privileged escalation of the operator account to gain
administrator privileges.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-08-03
Due to insufficient file permissions, unprivileged users could gain access to unencrypted user credentials
that are used in the integration interface towards 3rd party systems.
CVSS Score
8.4
EPSS Score
0.001
Published
2023-08-03
Due to insufficient file permissions, unprivileged users could gain access to unencrypted administrator
credentials allowing the configuration of the application.
CVSS Score
8.4
EPSS Score
0.001
Published
2023-08-03
User provided input is not sanitized on the AXIS License Plate Verifier specific “api.cgi” allowing for
arbitrary code execution.
CVSS Score
7.2
EPSS Score
0.002
Published
2023-08-03