Vulnerability Description
A vulnerability, was found in legacy Axis devices such as P3225 and M3005. This affects an unknown part of the component CGI Script. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Axis | P1204 Firmware | <= 5.50.4 |
| Axis | P1204 | - |
| Axis | P3225 Firmware | <= 6.30.1 |
| Axis | P3225 | - |
| Axis | P3367 Firmware | <= 6.10.1.2 |
| Axis | P3367 | - |
| Axis | M3045 Firmware | <= 6.15.4.1 |
| Axis | M3045 | - |
| Axis | M3005 Firmware | <= 5.50.5.7 |
| Axis | M3005 | - |
| Axis | M3007 Firmware | <= 6.30.1.1 |
| Axis | M3007 | - |
Related Weaknesses (CWE)
References
- https://www.axis.com/dam/public/df/f3/dd/cve-2017-20049-en-US-376956.pdf
- https://www.axis.com/dam/public/df/f3/dd/cve-2017-20049-en-US-376956.pdf
FAQ
What is CVE-2017-20049?
CVE-2017-20049 is a vulnerability with a CVSS score of 9.8 (CRITICAL). A vulnerability, was found in legacy Axis devices such as P3225 and M3005. This affects an unknown part of the component CGI Script. The manipulation leads to improper privilege management. It is poss...
How severe is CVE-2017-20049?
CVE-2017-20049 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-20049?
Check the references section above for vendor advisories and patch information. Affected products include: Axis P1204 Firmware, Axis P1204, Axis P3225 Firmware, Axis P3225, Axis P3367 Firmware.