CVE-2025-7622

CWE-918 — Server-Side Request Forgery (SSRF)3 documents3 sources

Severity

5.1MEDIUM

EPSS

0.0%

top 94.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Axis Communications AB Axis Camera Station Axis Communications AB Axis Camera Station PRO Axis Camera Station +1 more

Timeline

PublishedAug 12

Description

During an internal security assessment, a Server-Side Request Forgery (SSRF) vulnerability that allowed an authenticated attacker to access internal resources on the server was discovered.

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L

Affected Packages4 packages

▶NVDaxis/camera_station5.32.244 — 5.59.49607

▶NVDaxis/camera_station_pro6.0.25729 — 6.10.49500

▶CVEListV5axis_communications_ab/axis_camera_station5.32 — 5.59

▶CVEListV5axis_communications_ab/axis_camera_station_pro6 — 6.10

🔴Vulnerability Details

GHSA

GHSA-h53g-frqp-qfgw: During an internal security assessment, a Server-Side Request Forgery (SSRF) vulnerability that allowed an authenticated attacker to access internal r↗2025-08-12

▶

CVEList

CVE-2025-7622: During an internal security assessment, a Server-Side Request Forgery (SSRF) vulnerability that allowed an authenticated attacker to access internal r↗2025-08-12

▶