CVE-2023-5800

Summary

CVE-2023-5800 is a vulnerability affecting the VAPIX API in Vintage products. The create_overlay.cgi lacked sufficient input validation, making it susceptible to remote code execution. Exploitation of this vulnerability required authentication using an operator- or administrator-level service account. Axis has released patched AXIS OS versions to address this issue. Users are encouraged to apply the updates as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.