FLIR AX8 versions 1.46.16 and below unauthenticated remote OS command injection exploit.
d69929a972eb08cfeb279707887a6f7dd7e33ba6198b5c583c8af9bc510a1eb7
This Metasploit module attempts to login to an Apache Axis2 instance using username and password combinations indicated by the USER_FILE, PASS_FILE, and USERPASS_FILE options. It has been verified to work on at least versions 1.4.1 and 1.6.2.
4719452255874c71f8d0b9c9d1065c938d1a02c4240afad5a85654a333b0db20
This Metasploit module exploits an Apache Axis2 v1.4.1 local file inclusion (LFI) vulnerability. By loading a local XML file which contains a cleartext username and password, attackers can trivially recover authentication credentials to Axis services.
50104ff91cd322fe465188779cfaa98819e42e8898505fa53d0efc5a47d67e68
This Metasploit module exploits a directory traversal vulnerability in the WebAdmin interface of Axigen, which allows an authenticated user to read and delete arbitrary files with SYSTEM privileges. The vulnerability is known to work on Windows platforms. This Metasploit module has been tested successfully on Axigen 8.10 over Windows 2003 SP2.
65bded7c1002f50c11a1863f2988834a0950e01d4adc9009e4ce5c5edaea371a
Axigen versions 10.5.0–4370c946 and below suffer from a cross site scripting vulnerability.
fe2b4328c2557a11918de6f341b200a07afaf0512f0b5909133817cf704b934b
All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to remote command injection. This can be exploited to inject and execute arbitrary shell commands as the root user through the id HTTP POST parameter in the res.php endpoint. This module uses the vulnerability to upload and execute payloads gaining root privileges.
a321cd3e8960e684cbab1cd82bb0f9be0cda474af87c57e7f89fa9aaa83b6bca
FLIR AX8 versions 1.46.16 and below suffer from command injection, directory traversal, improper access control, and cross site scripting vulnerabilities.
d4b0fa3d39bb7d9eb67520d399557821deb5682ab4e0f91e473b5af510fec4d7
In Linux, drivers/net/usb/ax88179_178a.c contains multiple out-of-bounds accesses in ax88179_rx_fixup(), the function responsible for taking a buffer received over USB and splitting it up into ethernet packets.
d31f6a101db6dc5fd85ff3bf16404acb26c0969c2cd57cc1adc10f3d4419cf21
This Metasploit module exploits the "Apps" feature in Axis IP cameras. The feature allows third party developers to upload and execute eap applications on the device. The system does not validate the application comes from a trusted source, so a malicious attacker can upload and execute arbitrary code. The issue has no CVE, although the technique was made public in 2018. This module uploads and executes stageless meterpreter as root. Uploading the application requires valid credentials. The default administrator credentials used to be root:root but newer firmware versions force users to provide a new password for the root user. The module was tested on an Axis M3044-V using the latest firmware (9.80.3.8: December 2021). All modules that support the "Apps" feature are presumed to be vulnerable.
3b946c3c32ffbe1237309479a6f3fbc02ff1259e17c42ed2ee33315e97a2b97e
Multiple denial of service vulnerabilities have been discovered and disclosed in the axTLS library versions 2.1.5 and below.
4b795ed8fab6f7bf3baf0d923f7583ab93caeae5946f05ef62eac4fd030fc492
Axway SecureTransport 5 suffers from an unauthenticated XML external entity injection vulnerability.
7ae144683e44ae643e28c83da54fe27287daee7e50a92c55a6932e7a99323e09
Axessh version 4.2 denial of service proof of concept exploit.
5ac2fd6ab32034cb62ce26d355ed5fd743d956eb9f257f77fad9ec445308ce30
Axioscloud Sissiweb Registro Elettronico version 7.0.0 suffers from a cross site scripting vulnerability.
3c10863d0e2abd4f243f81f66ecbdb173b4bda14b1de618998cf91e3b4670490
FLIR AX8 thermal sensor camera devices version 1.32.16 utilize hard-coded credentials within its Linux distribution image. These sets of credentials (SSH) are never exposed to the end-user and cannot be changed through any normal operation of the camera. Attacker could exploit this vulnerability by logging in using the default credentials for the web panel or gain shell access.
0de614831d3b207ecfaf1e3fe077655b58680dacd90d072ca20b3ad2ade27b23
The FLIR AX8 thermal sensor camera version 1.32.16 suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed via the 'file' parameter in download.php is not properly verified before being used to download config files. This can be exploited to disclose the contents of arbitrary files via absolute path.
4910689d53033b4139e7b3d0f8b92bc214a9cc6782213c8e4ee94d74eae57221
The FLIR AX8 thermal sensor camera version 1.32.16 suffers an unauthenticated and unauthorized live RTSP video stream access.
ae1464855d3b12a1fe0dc5269d50e29d905cd74a8815b4317e3f235a057d14ce
The FLIR AX8 thermal sensor camera version 1.32.16 suffers from two unauthenticated command injection vulnerabilities. The issues can be triggered when calling multiple unsanitized HTTP GET/POST parameters within the shell_exec function in res.php and palette.php file. This can be exploited to inject arbitrary system commands and gain root remote code execution.
99f659cdf3c32886f1df88cb3b5df0af997dddb9fedfd50e3d11a4fe93ff269c
This Metasploit module exploits an authentication bypass in .srv functionality and a command injection in parhand to execute code as the root user.
c10f9b22f833b812b5b5320ea587dedf77fe8a60a4a58ddec5548a2ea5fb202d
Axis Cameras suffer from authorization bypass, unrestricted dbus access, command injection, denial of service, and information disclosure vulnerabilities.
5e9747cd700a38abddaca3fd3d40d3df83bf20b08c4efc814e47b25f3307c9bf
AXON PBX version 2.02 suffers from a cross site scripting vulnerability.
04a666c41333b5f3a6da50e9ea1dbdebeff05424793da848b007b56096f2c465
AXON PBX version 2.02 suffers from a DLL hijacking vulnerability.
c680c40bb9644184c45d660a62e2391edc86949192449483678e312f79d2cc46
AxxonSoft Axxon Next suffers from a directory traversal vulnerability.
d35bb1a5d3f761c3ff0d4cfa73dd81a7c335da6fabac0fea007e4f5814a538e4
Axis Communications MPQT/PACS suffers from heap overflow and information leakage vulnerabilities.
5c70ff5167b04f198b52c0dc3f8309937d69063f123eca02784c45bea1eb2e02
Axis 2100 Network Camera version 2.43 suffers from a cross site scripting vulnerability.
6571f063cbf73cf8a5e656fbd96dcc33bef106f5cb93d24594de81a58522eba7
Various AXIS cameras suffer from cross site request forgery and cross site scripting vulnerabilities amongst other issues.
365490dde209cafe4c70f755efc7843b6e66b7ba8c535e04e832ae9478ce59c6
Android suffers from a race condition in the max86902 driver sysfs interfaces.
e9f80a6e96632a7efbeb45128bbf886bfd54a33da227b3ccd75a5a8ac9b3d50f