CVE-2025-1056
published 2025-04-23CVE-2025-1056: Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has identified an issue with a specific file that the server is using. A non-admin user can…
medium6.5CVSS 3.1
AVNACLPRLUINSUCNIHAN
Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has identified an issue with a specific file that the server is using. A non-admin user can modify this file to either create files or change the content of files in an admin-protected location.
Axis has released a patched version for the highlighted flaw. Please
refer to the Axis security advisory for more information and solution.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| axis | camera_station_pro | < 6.8.43213 | 6.8.43213 |
| axis_communications_ab | axis_camera_station_pro | >= 6 < 6.8 | 6.8 |
| msrc | cbl2_libtiff_4.3.0-2_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |