CVE Vulnerabilities

CVE-2003-0240

Published: Jun 09, 2003 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The web-based administration capability for various Axis Network Camera products allows remote attackers to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash).

Affected Software

Name Vendor Start Version End Version
2100_network_camera Axis * 2.32 (including)
2110_network_camera Axis * 2.32 (including)
2120_network_camera Axis * 2.32 (including)
2130_ptz_network_camera Axis * 2.32 (including)
2400_video_server Axis * 2.32 (including)
2401_video_server Axis * 2.32 (including)
2420_network_camera Axis * 2.32 (including)
2460_network_dvr Axis * 3.00 (including)
250s_video_server Axis * 3.02 (including)

References