CVE-2025-0324 | Axis Communications AB AXIS OS up to 11.11.139/12.3.32 VAPIX Device Configuration Framework incomplete filtering of special elements

Inserito da Angelo Barbosa | Giu 2, 2025 | CVE

A vulnerability was found in Axis Communications AB AXIS OS up to 11.11.139/12.3.32. It has been rated as very critical. This issue affects some unknown processing of the component VAPIX Device Configuration Framework. The manipulation leads to incomplete filtering of special elements.

The identification of this vulnerability is CVE-2025-0324. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-0324 | Axis Communications AB AXIS OS up to 11.11.139/12.3.32 VAPIX Device Configuration Framework incomplete filtering of special elements

Post correlati

CVE-2024-39905 | Cog-Creators Red-DiscordBot up to 3.5.9 can_manage_channel authorization (GHSA-5jq8-q6rj-9gq4)

CVE-2024-1030 | Cogites eReserv 7.7.58 tenancyDetail.php id cross site scripting

CVE-2024-40543 | Sanluan PublicCMS 4.0.202302.e ueditor server-side request forgery

CVE-2024-28171 | Delta Electronics DIAEnergie prior 1.10.00.005 File Name path traversal (icsa-24-074-12)