CVE-2004-2427
First published: Fri Dec 31 2004(Updated: )
Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to obtain sensitive information via direct requests to (1) admin/getparam.cgi, (2) admin/systemlog.cgi, (3) admin/serverreport.cgi, and (4) admin/paramlist.cgi, modify system information via (5) setparam.cgi and (6) factorydefault.cgi, or (7) cause a denial of service (reboot) via restart.cgi.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| AXIS 2100 Network Camera | =2.12 | |
| AXIS 2100 Network Camera | =2.30 | |
| AXIS 2100 Network Camera | =2.31 | |
| AXIS 2100 Network Camera | =2.32 | |
| AXIS 2100 Network Camera | =2.33 | |
| AXIS 2100 Network Camera | =2.34 | |
| AXIS 2100 Network Camera | =2.40 | |
| AXIS 2100 Network Camera | =2.41 | |
| Axis 2110 Network Camera | =2.12 | |
| Axis 2110 Network Camera | =2.30 | |
| Axis 2110 Network Camera | =2.31 | |
| Axis 2110 Network Camera | =2.32 | |
| Axis 2110 Network Camera | =2.34 | |
| Axis 2110 Network Camera | =2.40 | |
| Axis 2110 Network Camera | =2.41 | |
| Axis 2120 Network Camera | =2.12 | |
| Axis 2120 Network Camera | =2.30 | |
| Axis 2120 Network Camera | =2.31 | |
| Axis 2120 Network Camera | =2.32 | |
| Axis 2120 Network Camera | =2.34 | |
| Axis 2120 Network Camera | =2.40 | |
| Axis 2120 Network Camera | =2.41 | |
| AXIS 2130 PTZ Network Camera | =2.30 | |
| AXIS 2130 PTZ Network Camera | =2.31 | |
| AXIS 2130 PTZ Network Camera | =2.32 | |
| AXIS 2130 PTZ Network Camera | =2.34 | |
| AXIS 2130 PTZ Network Camera | =2.40 | |
| Axis 230 MPEG-2 Video Server | =3.11 | |
| AXIS 2400 Video Server | =1.1 | |
| AXIS 2400 Video Server | =1.2 | |
| AXIS 2400 Video Server | =1.10 | |
| AXIS 2400 Video Server | =1.11 | |
| AXIS 2400 Video Server | =1.12 | |
| AXIS 2400 Video Server | =1.15 | |
| AXIS 2400 Video Server | =2.0 | |
| AXIS 2400 Video Server | =2.20 | |
| AXIS 2400 Video Server | =2.30 | |
| AXIS 2400 Video Server | =2.31 | |
| AXIS 2400 Video Server | =2.32 | |
| AXIS 2400 Video Server | =2.33 | |
| AXIS 2400 Video Server | =2.34 | |
| AXIS 2400 Video Server | =3.11 | |
| AXIS 2400 Video Server | =3.12 | |
| Axis 2401 Video Server | =1.0_1 | |
| Axis 2401 Video Server | =1.15 | |
| Axis 2401 Video Server | =2.20 | |
| Axis 2401 Video Server | =2.30 | |
| Axis 2401 Video Server | =2.31 | |
| Axis 2401 Video Server | =2.32 | |
| Axis 2401 Video Server | =2.33 | |
| Axis 2401 Video Server | =2.34 | |
| Axis 2401 Video Server | =3.12 | |
| Axis 2401 Video Server | =3.13 | |
| AXIS 2411 Video Server | =3.12 | |
| AXIS 2411 Video Server | =3.13 | |
| AXIS 2420-IR Network Camera | =2.12 | |
| AXIS 2420-IR Network Camera | =2.30 | |
| AXIS 2420-IR Network Camera | =2.31 | |
| AXIS 2420-IR Network Camera | =2.32 | |
| AXIS 2420-IR Network Camera | =2.33 | |
| AXIS 2420-IR Network Camera | =2.34 | |
| AXIS 2420-IR Network Camera | =2.40 | |
| AXIS 2420-IR Network Camera | =2.41 | |
| Axis 2420 Video Server | =2.32 | |
| Axis 2420 Video Server | =2.34 | |
| Axis 2460 Network DVR | ||
| Axis 2460 Network DVR | =3.10 | |
| Axis 2460 Network DVR | =3.11 | |
| Axis 2490 serial Server | ||
| Axis 2490 serial Server | =2.11.3 | |
| Axis 250s Video Server | ||
| Axis 250s Video Server | =3.03 | |
| Axis 250s Video Server | =3.10 | |
| Axis StorPoint CD |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What are the risks associated with CVE-2004-2427?
CVE-2004-2427 allows unauthorized remote access to sensitive information on affected Axis Network Cameras and Video Servers, posing a significant data security risk.
How can I prevent exploitation of CVE-2004-2427?
To prevent exploitation of CVE-2004-2427, ensure that your Axis Network Camera or Video Server firmware is updated to the latest version.
Which devices are affected by CVE-2004-2427?
CVE-2004-2427 affects various versions of the Axis 2100 and 2400 Network Cameras and Video Servers, specifically those running versions 2.40 and earlier or 3.12 and earlier.
What is the vulnerability type of CVE-2004-2427?
CVE-2004-2427 is classified as an information disclosure vulnerability.
What actions should I take if my device is affected by CVE-2004-2427?
If your device is affected by CVE-2004-2427, immediately update your firmware and review device access controls to restrict unauthorized access.
- agent/first-publish-date
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/references
- agent/severity
- agent/remedy
- agent/description
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/axis
- product/2120 network camera
- canonical/axis 2120 network camera
- product/2110 network camera
- canonical/axis 2110 network camera
- product/storpoint cd
- canonical/axis storpoint cd
- product/2100 network camera
- canonical/axis 2100 network camera
- product/2400 video server
- canonical/axis 2400 video server
- product/2411 video server
- canonical/axis 2411 video server
- product/2420 network camera
- canonical/axis 2420 network camera
- product/2420 video server
- canonical/axis 2420 video server
- product/2130 ptz network camera
- canonical/axis 2130 ptz network camera
- product/2401 video server
- canonical/axis 2401 video server
- product/2460 network dvr
- canonical/axis 2460 network dvr
- product/230 mpeg2 video server
- canonical/axis 230 mpeg2 video server
- product/2490 serial server
- canonical/axis 2490 serial server
- product/250s video server
- canonical/axis 250s video server
- version/axis 2100 network camera/2.12
- version/axis 2100 network camera/2.30
- version/axis 2100 network camera/2.31
- version/axis 2100 network camera/2.32
- version/axis 2100 network camera/2.33
- version/axis 2100 network camera/2.34
- version/axis 2100 network camera/2.40
- version/axis 2100 network camera/2.41
- version/axis 2110 network camera/2.12
- version/axis 2110 network camera/2.30
- version/axis 2110 network camera/2.31
- version/axis 2110 network camera/2.32
- version/axis 2110 network camera/2.34
- version/axis 2110 network camera/2.40
- version/axis 2110 network camera/2.41
- version/axis 2120 network camera/2.12
- version/axis 2120 network camera/2.30
- version/axis 2120 network camera/2.31
- version/axis 2120 network camera/2.32
- version/axis 2120 network camera/2.34
- version/axis 2120 network camera/2.40
- version/axis 2120 network camera/2.41
- version/axis 2130 ptz network camera/2.30
- version/axis 2130 ptz network camera/2.31
- version/axis 2130 ptz network camera/2.32
- version/axis 2130 ptz network camera/2.34
- version/axis 2130 ptz network camera/2.40
- canonical/axis 230 mpeg-2 video server
- version/axis 230 mpeg-2 video server/3.11
- version/axis 2400 video server/1.1
- version/axis 2400 video server/1.2
- version/axis 2400 video server/1.10
- version/axis 2400 video server/1.11
- version/axis 2400 video server/1.12
- version/axis 2400 video server/1.15
- version/axis 2400 video server/2.0
- version/axis 2400 video server/2.20
- version/axis 2400 video server/2.30
- version/axis 2400 video server/2.31
- version/axis 2400 video server/2.32
- version/axis 2400 video server/2.33
- version/axis 2400 video server/2.34
- version/axis 2400 video server/3.11
- version/axis 2400 video server/3.12
- version/axis 2401 video server/1.0_1
- version/axis 2401 video server/1.15
- version/axis 2401 video server/2.20
- version/axis 2401 video server/2.30
- version/axis 2401 video server/2.31
- version/axis 2401 video server/2.32
- version/axis 2401 video server/2.33
- version/axis 2401 video server/2.34
- version/axis 2401 video server/3.12
- version/axis 2401 video server/3.13
- version/axis 2411 video server/3.12
- version/axis 2411 video server/3.13
- canonical/axis 2420-ir network camera
- version/axis 2420-ir network camera/2.12
- version/axis 2420-ir network camera/2.30
- version/axis 2420-ir network camera/2.31
- version/axis 2420-ir network camera/2.32
- version/axis 2420-ir network camera/2.33
- version/axis 2420-ir network camera/2.34
- version/axis 2420-ir network camera/2.40
- version/axis 2420-ir network camera/2.41
- version/axis 2420 video server/2.32
- version/axis 2420 video server/2.34
- version/axis 2460 network dvr/3.10
- version/axis 2460 network dvr/3.11
- version/axis 2490 serial server/2.11.3
- version/axis 250s video server/3.03
- version/axis 250s video server/3.10