Axis Camera Station Pro
Approved changes feed: RSS · Atom
cpe:2.3:a:axis_communications_ab:axis_camera_station_pro:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Axis Communications Ab (f6c8d7a9-0354-5da0-b3d1-8c5a55fc46ce) |
|---|---|
| Product | Axis Camera Station Pro (144c171a-bceb-55a5-abd0-48cfaa40e414) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-7622 |
vulnerable | 2026-06-03 15:13:40.560357 |
Details available
During an internal security assessment, a Server-Side Request Forgery (SSRF) vulnerability that allowed an authenticated attacker to access internal resources on the server was discovered.
Published: 2025-08-12T05:09:23.834Z
Updated: 2025-08-12T17:59:32.228Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-30026 |
vulnerable | 2026-06-03 15:00:27.028919 |
Details available
The AXIS Camera Station Server had a flaw that allowed
to bypass authentication that is normally required.
Published: 2025-07-11T06:05:33.887Z
Updated: 2025-07-11T16:19:20.584Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-30025 |
vulnerable | 2026-06-03 15:00:27.028358 |
Details available
The communication protocol used between the
server process and the service control had a flaw that could lead to a local privilege escalation.
Published: 2025-07-11T06:04:40.972Z
Updated: 2026-01-07T09:59:44.547Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-30023 |
vulnerable | 2026-06-03 15:00:27.019538 |
Details available
CRITICAL (9)
The communication protocol used between client and server had a flaw that could lead to an authenticated user performing a remote code execution attack.
Published: 2025-07-11T06:02:00.620Z
Updated: 2025-07-11T16:36:45.516Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-1056 |
vulnerable | 2026-06-03 14:58:57.651286 |
Details available
MEDIUM (6.1)
Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has identified an issue with a specific file that the server is using. A non-admin user can modify this file to either create files or change the content of files in an admin-protected location.
Axis has released a patched version for the highlighted flaw. Please
refer to the Axis security advisory for more information and solution.
Published: 2025-04-23T05:18:10.120Z
Updated: 2025-04-23T13:09:33.255Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-13064 |
vulnerable | 2026-06-03 14:58:45.467963 |
Details available
MEDIUM (4.5)
A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script which is executed by the server. This attack is only possible if the admin uses a client that have been tampered with.
Published: 2026-02-10T05:40:34.374Z
Updated: 2026-02-10T20:16:16.016Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-12757 |
vulnerable | 2026-06-03 14:58:44.814628 |
Details available
MEDIUM (4.6)
An AXIS Camera Station Pro feature can be exploited in a way that allows a non-admin user to view information they are not permitted to.
Published: 2026-02-10T05:47:20.339Z
Updated: 2026-02-10T20:16:37.549Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-12063 |
vulnerable | 2026-06-03 14:58:43.730679 |
Details available
MEDIUM (5.7)
An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions.
Published: 2026-02-10T05:52:35.732Z
Updated: 2026-02-10T20:16:58.729Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-11547 |
vulnerable | 2026-06-03 14:58:42.659016 |
Details available
HIGH (7.8)
AXIS Camera Station Pro contained a flaw to perform a privilege escalation attack on the server as a non-admin user.
Published: 2026-02-10T05:35:50.903Z
Updated: 2026-02-26T15:04:12.686Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-0926 |
vulnerable | 2026-06-03 14:58:33.262199 |
Details available
MEDIUM (5.9)
Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible for a non-admin user to remove system files causing a boot loop by redirecting a file deletion when recording video.
Axis has released a patched version for the highlighted flaw. Please
refer to the Axis security advisory for more information and solution.
Published: 2025-04-23T05:22:03.489Z
Updated: 2025-04-23T13:08:49.871Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-7696 |
vulnerable | 2026-06-03 14:58:06.787856 |
Details available
MEDIUM (6.3)
Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible for an authenticated malicious client to tamper with audit log creation in AXIS Camera Station, or perform a Denial-of-Service attack on the AXIS Camera Station server using maliciously crafted audit log entries.
Axis has released a patched version for the highlighted flaw. Please
refer to the Axis security advisory for more information and solution.
Published: 2025-01-07T05:38:42.879Z
Updated: 2025-01-07T15:31:07.335Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-6831 |
vulnerable | 2026-06-03 14:58:04.256979 |
Details available
MEDIUM (4.4)
Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program has found that it is possible to edit and/or remove views without the necessary permission due to a client-side-only check.
Axis has released patched versions for the highlighted flaw. Please
refer to the Axis security advisory for more information and solution.
Published: 2024-11-26T07:14:58.823Z
Updated: 2024-11-26T14:09:25.685Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-6749 |
vulnerable | 2026-06-03 14:58:04.048333 |
Details available
MEDIUM (6.3)
Seth Fogie, member of the AXIS Camera Station Pro Bug Bounty Program, has found that the Incident report feature may expose sensitive credentials on the AXIS Camera Station windows client. If Incident report is not being used with credentials configured this flaw does not apply.
Axis has released patched versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
Published: 2024-11-26T07:07:30.538Z
Updated: 2024-11-26T14:09:25.817Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-6476 |
vulnerable | 2026-06-03 14:58:03.273637 |
Details available
MEDIUM (4.2)
Gee-netics, member of the AXIS Camera Station Pro Bug Bounty Program has found that it is possible for a non-admin user to gain system privileges by redirecting a file deletion upon service restart.
Axis has released patched versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
Published: 2024-11-26T07:00:46.615Z
Updated: 2024-11-26T14:09:25.935Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.