VYPR

Axis License Plate Verifier

by Axis

CVEs (6)

  • CVE-2023-21412Aug 3, 2023
    risk 0.00cvss epss 0.00

    User provided input is not sanitized on the AXIS License Plate Verifier specific “search.cgi” allowing for SQL injections.

  • CVE-2023-21411Aug 3, 2023
    risk 0.00cvss epss 0.01

    User provided input is not sanitized in the “Settings > Access Control” configuration interface allowing for arbitrary code execution.

  • CVE-2023-21410Aug 3, 2023
    risk 0.00cvss epss 0.01

    User provided input is not sanitized on the AXIS License Plate Verifier specific “api.cgi” allowing for arbitrary code execution.

  • CVE-2023-21409Aug 3, 2023
    risk 0.00cvss epss 0.01

    Due to insufficient file permissions, unprivileged users could gain access to unencrypted administrator credentials allowing the configuration of the application.

  • CVE-2023-21408Aug 3, 2023
    risk 0.00cvss epss 0.01

    Due to insufficient file permissions, unprivileged users could gain access to unencrypted user credentials that are used in the integration interface towards 3rd party systems.

  • CVE-2023-21407Aug 3, 2023
    risk 0.00cvss epss 0.01

    A broken access control was found allowing for privileged escalation of the operator account to gain administrator privileges.