VYPR

VAPIX API

by Axis

CVEs (2)

  • CVE-2025-9524MedNov 11, 2025
    risk 0.28cvss 4.3epss 0.00

    The VAPIX API port.cgi did not have sufficient input validation, which may result in process crashes and impact usability. This vulnerability can only be exploited after authenticating with a viewer- operator- or administrator-privileged service account.

  • CVE-2023-5677Feb 5, 2024
    risk 0.00cvss epss 0.01

    Brandon Rothel from QED Secure Solutions and Sam Hanson of Dragos have found that the VAPIX API tcptest.cgi did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or…