Vulnerability Database

290,278

Total vulnerabilities in the database

CVE-2017-20049

A vulnerability, was found in legacy Axis devices such as P3225 and M3005. This affects an unknown part of the component CGI Script. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely.

  • Published: Jun 15, 2022
  • Updated: Apr 13, 2023
  • CVE: CVE-2017-20049
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 10
  • AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
axis / p1204_firmware - 5.50.4.x
axis / p3225_firmware - 6.30.1.x
axis / p3367_firmware - 6.10.1.2.x
axis / m3045_firmware - 6.15.4.1.x
axis / m3005_firmware - 5.50.5.7.x
axis / m3007_firmware - 6.30.1.1.x