CVE-2003-0240

Published Jun 9, 2003

Last updated 7 years ago

Overview

Description: The web-based administration capability for various Axis Network Camera products allows remote attackers to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash).
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:axis:2100_network_camera:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2570AC32-525A-47BD-B13E-EB9ED7A7A527",
            "versionEndIncluding": "2.32"
          },
          {
            "criteria": "cpe:2.3:h:axis:2110_network_camera:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E3B8362-1E77-4F67-A9E9-B31B82980331",
            "versionEndIncluding": "2.32"
          },
          {
            "criteria": "cpe:2.3:h:axis:2120_network_camera:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1076E59E-8F35-46BF-A8AA-D3FF2F49879D",
            "versionEndIncluding": "2.32"
          },
          {
            "criteria": "cpe:2.3:h:axis:2130_ptz_network_camera:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A741E9C-25EE-47A2-AD5E-2B348F6D6AAA",
            "versionEndIncluding": "2.32"
          },
          {
            "criteria": "cpe:2.3:h:axis:2400_video_server:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC4DC4AC-6416-44B9-808E-CBE907687A35",
            "versionEndIncluding": "2.32"
          },
          {
            "criteria": "cpe:2.3:h:axis:2401_video_server:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D42850B0-AE7D-457D-BF27-EF5B9F429CE3",
            "versionEndIncluding": "2.32"
          },
          {
            "criteria": "cpe:2.3:h:axis:2420_network_camera:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91A70331-0B56-44F2-8134-1346D60090DF",
            "versionEndIncluding": "2.32"
          },
          {
            "criteria": "cpe:2.3:h:axis:2460_network_dvr:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD23BD15-EEFB-490A-9253-46F1942EDC87",
            "versionEndIncluding": "3.00"
          },
          {
            "criteria": "cpe:2.3:h:axis:250s_video_server:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B102633A-D63C-458F-BDE3-B9082166B9C6",
            "versionEndIncluding": "3.02"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References