Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5213

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2007-5213
Last Modified 03 Jan 2013 12:00:00
Published 04 Oct 2007 07:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5213

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to perform actions as administrators, as demonstrated by (1) an SMTP server change through the conf_SMTP_MailServer1 parameter to ServerManager.srv and (2) a hostname change through the conf_Network_HostName parameter on the Network page.

Vulnerable Systems


References

BID - 25837

BUGTRAQ - 20070928 Owning Big Brother: How to Crack into Axis IP cameras

MISC - http://www.procheckup.com/Vulnerability_Axis_2100_research.pdf

OSVDB - 39491

OSVDB - 39490

SREASON - 3188


Last Updated: 27 May 2016 11:01:32