Vulnerability CVE-2001-1543


Published: 2001-12-31   Modified: 2012-02-12

Description:
Axis network camera 2120, 2110, 2100, 200+ and 200 contains a default administration password "pass", which allows remote attackers to gain access to the camera.

Vendor: AXIS
Product: 2100 network camera 
Product: 2120 network camera 
Product: Neteye 200+ 
Product: 2110 network camera 
Product: Neteye 200 

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
http://www.securityfocus.com/bid/3640
http://www.iss.net/security_center/static/7665.php
http://archives.neohapsis.com/archives/bugtraq/2001-12/0061.html
http://archives.neohapsis.com/archives/bugtraq/2001-12/0050.html

Related CVE
CVE-2018-10664
An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption.
CVE-2018-10663
An issue was discovered in multiple models of Axis IP Cameras. There is an Incorrect Size Calculation.
CVE-2018-10662
An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface.
CVE-2018-10661
An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control.
CVE-2018-10660
An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection.
CVE-2018-10659
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM ins...
CVE-2018-10658
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar.
CVE-2018-9158
An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. They don't employ a suitable mechanism to prevent a DoS attack, which leads to a response time delay. An attacker can use the hping3 tool to perform an IPv4 flood ...

Copyright 2019, cxsecurity.com

 

Back to Top