Axis » 207w Network Camera : Security Vulnerabilities, CVEs, CVSS score >= 4
Multiple cross-site request forgery (CSRF) vulnerabilities in the AXIS 207W camera allow remote attackers to perform certain actions as administrators via (1) axis-cgi/admin/restart.cgi, (2) the user and sgrp parameters to axis-cgi/admin/pwdgrp.cgi in an add action, or (3) the server parameter to admin/restartMessage.shtml.
Max CVSS
4.3
EPSS Score
1.07%
Published
2007-09-18
Updated
2018-10-15
Multiple cross-site scripting (XSS) vulnerabilities in the AXIS 207W camera allow remote attackers to inject arbitrary web script or HTML via the camNo parameter to incl/image_incl.shtml, and other unspecified vectors.
Max CVSS
4.3
EPSS Score
0.42%
Published
2007-09-18
Updated
2018-10-15
The AXIS 207W camera stores a WEP or WPA key in cleartext in the configuration file, which might allow local users to obtain sensitive information.
Max CVSS
4.9
EPSS Score
0.06%
Published
2007-09-18
Updated
2018-10-15
3 vulnerabilities found