N/A

51l3nc3, a member of the AXIS OS Bug Bounty Program, has found that the VAPIX API uploadoverlayimage.cgi did not have sufficient input validation to allow an attacker to upload files to block access to create image overlays in the web interface of the Axis device.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CWE-1287

AXIS OS 安全漏洞

AXIS OS是瑞典安讯士（AXIS）公司的一种边缘设备操作系统。 AXIS OS存在安全漏洞，该漏洞源于输入验证不足，可能导致攻击者上传文件影响设备 Web 界面功能。

N/A

N/A