What is CVE-2017-20049?

CVE-2017-20049 is a vulnerability found in legacy Axis devices such as P3225 and M3005.

What is the severity of CVE-2017-20049?

CVE-2017-20049 has a severity level of 9.8 (Critical).

Which software versions are affected by CVE-2017-20049?

CVE-2017-20049 affects Axis P1204 Firmware (up to version 5.50.4), Axis P3225 Firmware (up to version 6.30.1), Axis P3367 Firmware (up to version 6.10.1.2), Axis M3045 Firmware (up to version 6.15.4.1), and Axis M3005 Firmware (up to version 5.50.5.7).

What is the vulnerability in CVE-2017-20049 related to?

The vulnerability in CVE-2017-20049 is related to improper privilege management in the CGI Script component of legacy Axis devices.

Can CVE-2017-20049 be exploited remotely?

Yes, CVE-2017-20049 can be exploited remotely.

Vulnerability/
CVE-2017-20049

critical

CWE

269

15/6/2022

5/8/2024

CVE-2017-20049

First published: Wed Jun 15 2022(Updated: )

A vulnerability, was found in legacy Axis devices such as P3225 and M3005. This affects an unknown part of the component CGI Script. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely.

Credit: cna@vuldb.com

Affected Software	Affected Version	How to fix
Axis P1204 Firmware	<=5.50.4
Axis P1204
Axis P3225 Firmware	<=6.30.1
Axis P3225
Axis P3367 Firmware	<=6.10.1.2
Axis P3367
Axis M3045 Firmware	<=6.15.4.1
Axis M3045
Axis M3005 Firmware	<=5.50.5.7
Axis M3005
Axis M3007 Firmware	<=6.30.1.1
Axis M3007

Never miss a vulnerability like this again

Reference Links

https://www.axis.com/dam/public/df/f3/dd/cve-2017-20049-en-US-376956.pdf

Frequently Asked Questions

What is CVE-2017-20049?
CVE-2017-20049 is a vulnerability found in legacy Axis devices such as P3225 and M3005.
What is the severity of CVE-2017-20049?
CVE-2017-20049 has a severity level of 9.8 (Critical).
Which software versions are affected by CVE-2017-20049?
CVE-2017-20049 affects Axis P1204 Firmware (up to version 5.50.4), Axis P3225 Firmware (up to version 6.30.1), Axis P3367 Firmware (up to version 6.10.1.2), Axis M3045 Firmware (up to version 6.15.4.1), and Axis M3005 Firmware (up to version 5.50.5.7).
What is the vulnerability in CVE-2017-20049 related to?
The vulnerability in CVE-2017-20049 is related to improper privilege management in the CGI Script component of legacy Axis devices.
Can CVE-2017-20049 be exploited remotely?
Yes, CVE-2017-20049 can be exploited remotely.

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/author
agent/severity
agent/references
agent/weakness
agent/description
agent/event
agent/first-publish-date
agent/tags
agent/source
vendor/axis
canonical/axis p1204 firmware
version/axis p1204 firmware/5.50.4
canonical/axis p1204
canonical/axis p3225 firmware
version/axis p3225 firmware/6.30.1
canonical/axis p3225
canonical/axis p3367 firmware
version/axis p3367 firmware/6.10.1.2
canonical/axis p3367
canonical/axis m3045 firmware
version/axis m3045 firmware/6.15.4.1
canonical/axis m3045
canonical/axis m3005 firmware
version/axis m3005 firmware/5.50.5.7
canonical/axis m3005
canonical/axis m3007 firmware
version/axis m3007 firmware/6.30.1.1
canonical/axis m3007

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.