Multiple security flaws have been identified in Axis Communications video surveillance products, including remote code execution, adversary-in-the-middle attacks, and authentication bypass. The vulnerabilities could allow attackers to take control of systems managing camera feeds and expose sensitive data. Fixes have been implemented in various product versions, including Camera Station Pro and Device Manager. Despite the severity of the flaws, no evidence has shown exploitation in the wild, suggesting that proactive measures may have prevented potential threats.
The attack results in pre-authentication remote code execution on Axis Device Manager and Axis Camera Station, allowing for takeover attacks on the systems.
An attacker can enumerate vulnerable servers and clients through internet scans of exposed Axis.Remoting services, facilitating granular, highly targeted attacks.
CVE-2025-30023 manifests as a flaw in the communication protocol, enabling authenticated users to perform remote code execution. Fixed in Camera Station Pro 6.9.
Successful exploitation of vulnerabilities allows attackers to assume an adversary-in-the-middle position, altering requests and executing arbitrary actions on systems.
Collection
[
|
...
]