• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Axis Communications 2100 Network Camera Multiple Input Validation Vulnerabilities

Axis Communications 2100 Network Camera is prone to multiple input-validation vulnerabilities, including a cross-site scripting issue, multiple HTML-injection issues, and a cross-site request-forgery issue, because the application fails to properly sanitize user-supplied input.

Exploiting these issues could allow an attacker to execute arbitrary script code in the context of the webserver process, control how the site is rendered to the user, compromise the application, obtain sensitive information, and access or modify data.

These issues affect 2100 Network Cameras with firmware version 2.43; other firmware versions and models may also be affected.