• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Axis Network Camera And Video Server Multiple Vulnerabilities

Severity: CRITICAL

Description:

Axis Communications maintains a line of Network Cameras and Video Servers products designed to capture and transmit images and video over the web. All products also include a web-based administration tool interface.

Multiple vulnerabilities are reported to reside in multiple Axis network video and camera servers:

1. A shell metacharacter command-execution vulnerability allows an anonymous user to download the contents of the '/etc/passwd' file on the device. This vulnerability presents itself when the '/axis-cgi/io/virtualinput.cgi' script is passed commands to run as URI arguments. Passing commands quoted by '`' characters will cause the quoted commands to be executed by a shell. Other commands are also likely to work, facilitating other attacks.

This issue is reported to affect:
- Axis 2100, 2110, 2120, 2420 network cameras with firmware versions 2.34 thru 2.40
- Axis 2130 network cameras
- Axis 2401 and 2401 video servers

2. A directory-traversal vulnerability in HTTP POST requests. This vulnerability presents itself when an attacker sends an HTTP POST request containing '../' directory-traversal character sequences. This attack is demonstrated by an anonymous user calling protected administration scripts. This bypasses authentication checks and gives anonymous users remote adminitration of the devices.

This issue is reported to affect:
- Axis 2100, 2110, 2120, 2420 network cameras with firmware versions 2.12 thru 2.40
- Axis 2130 network cameras
- Axis 2401,and 2401 video servers

3. A hardcoded backdoor administrative-user issue allows remote attackers to administer affected devices. This allows remote attackers to administer affected devices; it likely cannot be disabled. The account details as reported are a username of 'copyright', with a password of 'mammalambalouie'.

This issue is reported to affect:
- Axis StorePoint CD E100 CD-ROM Server with firmware version 5.30

Other products and versions of firmware are likely affected by one or more of these vulnerabilities.

Affected Products:

• Axis Communications 2100 Network Camera 2.12.0
• Axis Communications 2100 Network Camera 2.30.0
• Axis Communications 2100 Network Camera 2.31.0
• Axis Communications 2100 Network Camera 2.32.0
• Axis Communications 2100 Network Camera 2.33.0
• Axis Communications 2100 Network Camera 2.34.0
• Axis Communications 2100 Network Camera 2.40.0
• Axis Communications 2100 Network Camera 2.41.0
• Axis Communications 2110 Network Camera 2.12.0
• Axis Communications 2110 Network Camera 2.30.0
• Axis Communications 2110 Network Camera 2.31.0
• Axis Communications 2110 Network Camera 2.32.0
• Axis Communications 2110 Network Camera 2.34.0
• Axis Communications 2110 Network Camera 2.40.0
• Axis Communications 2110 Network Camera 2.41.0
• Axis Communications 2120 Network Camera 2.12.0
• Axis Communications 2120 Network Camera 2.30.0
• Axis Communications 2120 Network Camera 2.31.0
• Axis Communications 2120 Network Camera 2.32.0
• Axis Communications 2120 Network Camera 2.34.0
• Axis Communications 2120 Network Camera 2.40.0
• Axis Communications 2120 Network Camera 2.41.0
• Axis Communications 2130 PTZ Network Camera 2.30.0
• Axis Communications 2130 PTZ Network Camera 2.31.0
• Axis Communications 2130 PTZ Network Camera 2.32.0
• Axis Communications 2130 PTZ Network Camera 2.34.0
• Axis Communications 2130 PTZ Network Camera 2.40.0
• Axis Communications 230 MPEG-2 Video Server 3.11.0
• Axis Communications 2400 Video Server 1.0.0 1
• Axis Communications 2400 Video Server 1.0.0 2
• Axis Communications 2400 Video Server 1.10.0
• Axis Communications 2400 Video Server 1.11.0
• Axis Communications 2400 Video Server 1.12.0
• Axis Communications 2400 Video Server 1.15.0
• Axis Communications 2400 Video Server 2.0.0
• Axis Communications 2400 Video Server 2.20.0
• Axis Communications 2400 Video Server 2.30.0
• Axis Communications 2400 Video Server 2.31.0
• Axis Communications 2400 Video Server 2.32.0
• Axis Communications 2400 Video Server 2.33.0
• Axis Communications 2400 Video Server 2.34.0
• Axis Communications 2400+ Blade Video Server 3.12.0
• Axis Communications 2400+ Video Server 3.11.0
• Axis Communications 2400+ Video Server 3.12.0
• Axis Communications 2401 Video Server 1.0.0 1
• Axis Communications 2401 Video Server 1.15.0
• Axis Communications 2401 Video Server 2.20.0
• Axis Communications 2401 Video Server 2.30.0
• Axis Communications 2401 Video Server 2.31.0
• Axis Communications 2401 Video Server 2.32.0
• Axis Communications 2401 Video Server 2.33.0
• Axis Communications 2401 Video Server 2.34.0
• Axis Communications 2401+ Video Server 3.12.0
• Axis Communications 2401+ Blade Video Server 3.12.0
• Axis Communications 2401+ Video Server 3.12.0
• Axis Communications 2401+ Video Server 3.13.0
• Axis Communications 2411 Video Server 3.12.0
• Axis Communications 2411 Video Server 3.12.0
• Axis Communications 2411 Video Server 3.13.0
• Axis Communications 2420 Network Camera 2.12.0
• Axis Communications 2420 Network Camera 2.30.0
• Axis Communications 2420 Network Camera 2.31.0
• Axis Communications 2420 Network Camera 2.32.0
• Axis Communications 2420 Network Camera 2.33.0
• Axis Communications 2420 Network Camera 2.34.0
• Axis Communications 2420 Network Camera 2.40.0
• Axis Communications 2420 Network Camera 2.41.0
• Axis Communications 2420 Video Server 2.32.0
• Axis Communications 2420 Video Server 2.34.0
• Axis Communications 2460 Network DVR 3.10.0
• Axis Communications 2460 Network DVR 3.11.0
• Axis Communications 2490 Serial Server 2.11.3
• Axis Communications 250S MPEG-2 Video Server 3.10.0
• Axis Communications 250S Video Server 3.0.03
• Axis Communications MPEG-2 Video Server 0.0.0250S
• Axis Communications Network DVR 0.0.02460
• Axis Communications Serial Server 0.0.02490
• Axis Communications StorPoint CD

References:

• Axis Communications: Network Camera and Video Servers

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.