HTTP: Axis Video Server Remote Account Addition
This signature detects a request to an Axis Video Server containing parameters designed to create an Administrator account on the server.
Extended Description
Multiple vulnerabilities are reported to reside in multiple Axis network video and camera servers: 1. A shell metacharacter command-execution vulnerability allows an anonymous user to download the contents of the '/etc/passwd' file on the device. Other commands are also likely to work, facilitating other attacks. This issue is reported to affect: - Axis 2100, 2110, 2120, 2420 network cameras with firmware versions 2.34 thru 2.40 - Axis 2130 network cameras - Axis 2401 and 2401 video servers 2. A directory-traversal vulnerability in HTTP POST requests. This attack is demonstrated by an anonymous user calling protected administration scripts. This bypasses authentication checks and gives anonymous users remote adminitration of the devices. This issue is reported to affect: - Axis 2100, 2110, 2120, 2420 network cameras with firmware versions 2.12 thru 2.40 - Axis 2130 network cameras - Axis 2401,and 2401 video servers 3. A hardcoded backdoor administrative-user issue allows remote attackers to administer affected devices. This likely cannot be disabled. This issue is reported to affect: - Axis StorePoint CD E100 CD-ROM Server with firmware version 5.30 Other products and versions of firmware are likely affected by one or more of these vulnerabilities.
Affected Products
Axis_communications 2411_video_server
Short Name
HTTP:CGI:AXIS-ACCOUNT
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Account Addition Axis Remote Server Video bid:11011
Release Date
09/30/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Axis_communications