CVE-2007-5213
Summary
| CVE | CVE-2007-5213 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2007-10-04 23:17:00 UTC |
| Updated | 2018-10-15 21:41:00 UTC |
| Description | Multiple cross-site request forgery (CSRF) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to perform actions as administrators, as demonstrated by (1) an SMTP server change through the conf_SMTP_MailServer1 parameter to ServerManager.srv and (2) a hostname change through the conf_Network_HostName parameter on the Network page. |
Risk And Classification
Problem Types: CWE-352
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Axis | 2100 Network Camera | 2.02 | All | All | All |
| Hardware | Axis | 2100 Network Camera | 2.02 | All | All | All |
| Hardware | Axis | 2100 Network Camera Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| 39491 | OSVDB | osvdb.org | |
| SecurityReason - Owning Big Brother: How to Crack into Axis IP cameras | SREASON | securityreason.com | |
| Axis Communications 2100 Network Camera Multiple Input Validation Vulnerabilities | BID | www.securityfocus.com | |
| 404 - File or directory not found. | MISC | www.procheckup.com | Exploit |
| 39490 | OSVDB | osvdb.org | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.