CVE-2007-4930
CVE-2007-4930
Multiple cross-site request forgery (CSRF) vulnerabilities in the AXIS 207W camera allow remote attackers to perform certain actions as administrators via (1) axis-cgi/admin/restart.cgi, (2) the user and sgrp parameters to axis-cgi/admin/pwdgrp.cgi in an add action, or (3) the server parameter to admin/restartMessage.shtml.
Affected products
n/a · n/apublic PoCs found — 3
exploitdbwww.exploit-db.com/exploits/30587unverifiedexploitdbwww.exploit-db.com/exploits/30586unverifiedexploitdbwww.exploit-db.com/exploits/30585unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://airscanner.com/security/07080701_axis.htmhttp://secunia.com/advisories/26831http://securityreason.com/securityalert/3145http://www.informit.com/articles/article.aspx?p=1016102http://www.securityfocus.com/archive/1/479600/100/0/threadedhttp://www.securityfocus.com/bid/25678http://www.securitytracker.com/id?1018699