Camera Station Pro | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions.

A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script which is executed by the server. This attack is only possible if the admin uses a client that have been tampered with.

An AXIS Camera Station Pro feature can be exploited in a way that allows a non-admin user to view information they are not permitted to.

AXIS Camera Station Pro contained a flaw to perform a privilege escalation attack on the server as a non-admin user.

The communication protocol used between the server process and the service control had a flaw that could lead to a local privilege escalation.

Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has identified an issue with a specific file that the server is using. A non-admin user can modify this file to either create files or change the content of files in an admin…

Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible for a non-admin user to remove system files causing a boot loop by redirecting a file deletion when recording video. Axis has released a patched…

Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program, has found that it is possible for an authenticated malicious client to tamper with audit log creation in AXIS Camera Station, or perform a Denial-of-Service attack on the AXI…