CVE-2023-21412 – Non-sanitized user input could lead to SQL injections in AXIS License Plate Verifier
https://notcve.org/view.php?id=CVE-2023-21412
User provided input is not sanitized on the AXIS License Plate Verifier specific “search.cgi” allowing for SQL injections. • https://www.axis.com/dam/public/0b/1c/96/cve-2023-2140712-en-US-409778.pdf • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-21411 – Non-sanitized user input could lead to arbitrary code execution during Access Control configuration in AXIS License Plate Verifier
https://notcve.org/view.php?id=CVE-2023-21411
User provided input is not sanitized in the “Settings > Access Control” configuration interface allowing for arbitrary code execution. • https://www.axis.com/dam/public/0b/1c/96/cve-2023-2140712-en-US-409778.pdf • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2023-21410 – Non-sanitized user input could lead to arbitrary code execution in AXIS License Plate Verifier
https://notcve.org/view.php?id=CVE-2023-21410
User provided input is not sanitized on the AXIS License Plate Verifier specific “api.cgi” allowing for arbitrary code execution. • https://www.axis.com/dam/public/0b/1c/96/cve-2023-2140712-en-US-409778.pdf • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2023-21409 – Insufficient file permissions leak administrator-privileged credentials in AXIS License Verifier ACAP
https://notcve.org/view.php?id=CVE-2023-21409
Due to insufficient file permissions, unprivileged users could gain access to unencrypted administrator credentials allowing the configuration of the application. • https://www.axis.com/dam/public/0b/1c/96/cve-2023-2140712-en-US-409778.pdf • CWE-755: Improper Handling of Exceptional Conditions •
CVE-2023-21408 – Insufficient file permissions leak user credentials of 3rd party integration interfaces in AXIS License Verifier ACAP
https://notcve.org/view.php?id=CVE-2023-21408
Due to insufficient file permissions, unprivileged users could gain access to unencrypted user credentials that are used in the integration interface towards 3rd party systems. • https://www.axis.com/dam/public/0b/1c/96/cve-2023-2140712-en-US-409778.pdf • CWE-755: Improper Handling of Exceptional Conditions •