[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [FD] Significant Vulnerabilities in Axis IP Cameras
From:       Vulnerability Report <vuln () vdoo ! com>
Date:       2018-06-19 9:40:20
Message-ID: AM6P191MB0453523E241299FDD97F33F5BA700 () AM6P191MB0453 ! EURP191 ! PROD ! OUTLOOK ! COM
[Download RAW message or body]

Hello,

We have discovered and responsibly disclosed seven vulnerabilities affecting 390 Axis IP Camera \
models. Chaining three of these vulnerabilities together, allows an unauthenticated attacker to \
execute commands on the cameras as root over the network.

A technical blog post with the vulnerabilities' details can be found at \
https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-axis-cameras/ \
The vendor's advisory, including a full list of affected models, can be found at \
https://www.axis.com/files/faq/Advisory_ACV-128401.pdf

This is the second of a series of blogs that will cover technical deep dives as part of our \
wide scope research of IoT safety and security products. Stay tuned.

Regards,
Or Peles, VDOO Vulnerability Research Team

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/


[prev in list] [next in list] [prev in thread] [next in thread]