VYPR

Axis Camera Station Pro

by Axis

CVEs (12)

  • CVE-2024-6476MedNov 26, 2024
    risk 0.27cvss 4.2epss 0.00

    Gee-netics, member of the AXIS Camera Station Pro Bug Bounty Program has found that it is possible for a non-admin user to gain system privileges by redirecting a file deletion upon service restart. Axis has released patched versions for the highlighted flaw. Please refer to…

  • CVE-2025-30023Jul 11, 2025
    risk 0.01cvss epss 0.01

    The communication protocol used between client and server had a flaw that could lead to an authenticated user performing a remote code execution attack.

  • CVE-2025-12063Feb 10, 2026
    risk 0.00cvss epss 0.00

    An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions.

  • CVE-2025-12757Feb 10, 2026
    risk 0.00cvss epss 0.00

    An AXIS Camera Station Pro feature can be exploited in a way that allows a non-admin user to view information they are not permitted to.

  • CVE-2025-13064Feb 10, 2026
    risk 0.00cvss epss 0.00

    A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script which is executed by the server. This attack is only possible if the admin uses a client that have been tampered with.

  • CVE-2025-11547Feb 10, 2026
    risk 0.00cvss epss 0.00

    AXIS Camera Station Pro contained a flaw to perform a privilege escalation attack on the server as a non-admin user.

  • CVE-2025-7622Aug 12, 2025
    risk 0.00cvss epss 0.00

    During an internal security assessment, a Server-Side Request Forgery (SSRF) vulnerability that allowed an authenticated attacker to access internal resources on the server was discovered.

  • CVE-2025-30026Jul 11, 2025
    risk 0.00cvss epss 0.01

    The AXIS Camera Station Server had a flaw that allowed to bypass authentication that is normally required.

  • CVE-2025-30025Jul 11, 2025
    risk 0.00cvss epss 0.00

    The communication protocol used between the server process and the service control had a flaw that could lead to a local privilege escalation.

  • CVE-2025-0926Apr 23, 2025
    risk 0.00cvss epss 0.00

    Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible for a non-admin user to remove system files causing a boot loop by redirecting a file deletion when recording video. Axis has released a patched version for the highlighted flaw.…

  • CVE-2025-1056Apr 23, 2025
    risk 0.00cvss epss 0.00

    Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has identified an issue with a specific file that the server is using. A non-admin user can modify this file to either create files or change the content of files in an admin-protected location. Axis has released…

  • CVE-2024-7696Jan 7, 2025
    risk 0.00cvss epss 0.00

    Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible for an authenticated malicious client to tamper with audit log creation in AXIS Camera Station, or perform a Denial-of-Service attack on the AXIS Camera Station server using…