HomePentest-Tools.com Logo

AXIS 207W Network Camera XSS Vulnerability (Feb 2023) CVE-2023-22984

Severity
CVSSv3 Score
6.1
Vulnerability description

AXIS 207W network camera devices are prone to a cross-site scripting (XSS) vulnerability.

Risk description

There is a reflected XSS vulnerability in the web administration portal, which allows an attacker to execute arbitrary JavaScript via URL.

Recommendation

No solution was made available by the vendor. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. Note: The vendor states that technical support for 207W has ended in 28.02.2014, therefore most probably no effort will be made to provide a fix for these vulnerabilities.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Feb 21, 2023
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available