
23/4/2025

23/4/2025
CVE-2025-1056
First published: Wed Apr 23 2025(Updated: )
Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has identified an issue with a specific file that the server is using. A non-admin user can modify this file to either create files or change the content of files in an admin-protected location.
Axis has released a patched version for the highlighted flaw. Please
refer to the Axis security advisory for more information and solution.
Credit: product-security@axis.com
Affected Software | Affected Version | How to fix |
---|
AXIS Camera Station | | |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2025-1056?
CVE-2025-1056 is considered a high-severity vulnerability due to its potential for unauthorized file manipulation by non-admin users.
How do I fix CVE-2025-1056?
To fix CVE-2025-1056, update your Axis Camera Station Pro to the latest patched version provided by Axis.
What kind of access does CVE-2025-1056 grant to attackers?
CVE-2025-1056 allows non-admin users to create or modify files in an admin-protected location, potentially leading to further exploits.
Which versions of Axis Camera Station Pro are affected by CVE-2025-1056?
CVE-2025-1056 affects certain versions of Axis Camera Station Pro prior to the patched release from Axis.
Is there a workaround for CVE-2025-1056 if I cannot update immediately?
While the best mitigation is to update, restricting non-admin user permissions may provide temporary protection against CVE-2025-1056.
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/description
- agent/type
- agent/first-publish-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/severity
- agent/author
- agent/source
- agent/last-modified-date
- agent/tags
- agent/event
- vendor/axis
- canonical/axis camera station
Contact
SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.coBy using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203