Primary

Context

Axis Communications AXIS OS File Upload Vulnerability Leading to Process Crashes

Vulnerability

Patched

A vulnerability exists in Axis Communications AXIS OS versions 6.50 through 12.7, allowing authenticated users with operator or administrator privileges to upload files with specific names to a temporary directory. This could cause process crashes and disrupt usability.

Impact

Exploitation of this vulnerability can lead to process crashes, affecting the usability of the device.

Remediation

Axis has released patches for this vulnerability in the following versions: Active Track 12.7.27, LTS 2024 11.11.178, LTS 2022 10.12.306, LTS 2020 9.80.124, (Former LTS) 8.40.90 for products still under AXIS OS software support, and (Former LTS) 6.50.5.22 for products still under AXIS OS software support. Users are advised to update their Axis device software to the latest version.

Added: Nov 11, 2025, 8:16 AM

Updated: Nov 11, 2025, 8:16 AM

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

0.6

exploitability

4.9

remediation

7.7

relevance

1.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

0.6

exploitability

4.9

remediation

7.7

relevance

1.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Axis Communications AXIS OS File Upload Vulnerability Leading to Process Crashes

Vulnerability

Impact

Remediation

Affected Products

Axis AXIS OS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating