CVE-2025-12757

CWE-22Path Traversal3 documents3 sources
Severity
4.6MEDIUM
EPSS
0.0%
top 97.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Axis Communications AB Axis Camera Station PROAxis Camera Station PRO
Timeline
PublishedFeb 10

Description

An AXIS Camera Station Pro feature can be exploited in a way that allows a non-admin user to view information they are not permitted to.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:NExploitability: 2.1 | Impact: 2.5

Affected Packages2 packages

NVDaxis/camera_station_pro< 6.14.10768

🔴Vulnerability Details

2
CVEList
CVE-2025-12757: An AXIS Camera Station Pro feature can be exploited in a way that allows a non-admin user to view information they are not permitted to2026-02-10
GHSA
GHSA-xm6r-fw82-jmcw: An AXIS Camera Station Pro feature can be exploited in a way that allows a non-admin user to view information they are not permitted to2026-02-10
CVE-2025-12757 (MEDIUM CVSS 4.6) | An AXIS Camera Station Pro feature | cvebase.io