{"id":3716,"date":"2018-06-18T13:00:04","date_gmt":"2018-06-18T13:00:04","guid":{"rendered":"https:\/\/kasperskycontenthub.com\/threatpost\/?p=132888"},"modified":"2018-06-18T13:00:04","modified_gmt":"2018-06-18T13:00:04","slug":"axis-cameras-riddled-with-vulnerabilities-enabling-full-control","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\/","title":{"rendered":"Axis Cameras Riddled With Vulnerabilities Enabling \u201cFull Control\u201d"},"content":{"rendered":"<div class=\"media_block\"><\/div>\n<div><img decoding=\"async\" src=\"https:\/\/media.kasperskycontenthub.com\/wp-content\/uploads\/sites\/31\/2018\/06\/18083043\/ip-cam-e1529325058281.png\" class=\"ff-og-image-inserted\"\/><\/div>\n<p>A slew of vulnerabilities in Axis cameras could enable an attacker to access camera video streams, control the camera, add it to a botnet or render it useless.<\/p>\n<p>Researchers at VDOO, who disclosed the vulns on Monday, recommended that customers update immediately after finding that more than 400 Axis IP cameras are impacted. Axis deploys a number of cameras, including those for the hotel, industrial and banking industries.<\/p>\n<p>The bugs have not yet been exploited in the field, the researchers said, but up to seven vulnerabilities exist \u2013 three of which can be exploited in a specific sequence to enable an attacker to remotely execute shell commands with root privileges.<\/p>\n<p>\u201cChaining three of the reported vulnerabilities together allows an unauthenticated remote attacker that has access to the camera login page through the network (without any previous access to the camera or credentials to the camera) to fully control the affected camera,\u201d researchers said in a <a href=\"https:\/\/blog.vdoo.com\/2018\/06\/18\/vdoo-discovers-significant-vulnerabilities-in-axis-cameras\/\" target=\"_blank\" rel=\"noopener\">post<\/a>.<\/p>\n<p>Through a proof-of-concept (PoC) attack, researchers found that an authorization bypass vulnerability (CVE-2018-10661) exists within the functionality of the camera that sends requests for files ending with certain extensions (.srv) to the \/bin\/ssid process.<\/p>\n<p>The flaw allows bad actors to send unauthenticated HTTP requests that reach the .srv functionality. This function handles .srv requests and does not require user credentials (normally, this functionality should only be accessible to admin users, researchers note).<\/p>\n<p>From there, \u201cLegitimate requests that reach \/bin\/ssid\u2019s .srv functionality can choose one of several actions by setting\u00a0the action parameter in the request\u2019s query-string,\u201d researchers said.<\/p>\n<p>The attacker can essentially then utilize an interface that allows sending any dbus message to the\u00a0device\u2019s bus.\u00a0The dbus process is important because the camera system\u2019s daemons communicate by using the dbus Inter-Process Communication\u00a0mechanism.<\/p>\n<p>This vulnerability (CVE-2018-10662) exists because the authorization mechanism that is\u00a0intended to limit such requests, PolicyKit, is configured to automatically grant access to requests originating from the root user.<\/p>\n<p>\u201cDue to the fact that \/bin\/ssid runs as root, these dbus messages are authorized to\u00a0invoke most of the system\u2019s dbus-services\u2019 interfaces (that were otherwise subject to a strict\u00a0authorization policy),\u201d researchers said.<\/p>\n<p>The attacker can send dbus messages to one such interface \u2013 PolicyKitParhand, which offers functions for setting parhand parameters. Parhand parameters are\u00a0responsible for storing, fetching and updating parameters\u00a0and their values.<\/p>\n<p>The attacker at that point would have control over any of the device\u2019s parhand parameter values, enabling them to leverage a shell command injection vulnerability (CVE-2018-10660).<\/p>\n<p>In this final stage of the attack, the attacker would be able to send unauthenticated requests to set parhand parmeter values. By doing so, the attacker can now exploit this vulnerability by setting one parameter\u2019s value with special characters which will cause command injection.<\/p>\n<p>From there, the attacker can execute commands as the root user.<\/p>\n<p>There are several ways an attacker could first launch an attack,\u00a0Or Peles, researcher at VDOO, told Threatpost:\u00a0\u201cIn most of cases in which an IP camera is vulnerable to remote code execution, there are a few attack scenarios that can be expected,\u201d he said.<\/p>\n<p>\u201cFor cameras that have direct interface with the internet\u2026 the attacker would need to find these addresses via internet scanners. Once found \u2013 he or she can execute the attack promptly,\u201d said Peles via an emailed interview. \u201cFor cameras that are behind routing systems but do have an access in a specific port (via port forwarding), the attacker would need to find this designated port first. For cameras that are behind firewalls or don\u2019t communicate with the internet (but only accessible via the internal network), the attacker would need to penetrate the network first; or the attacker could be an internal employee or some who has access to this specific network and would then need only to obtain the internal IP address of\u00a0the cameras in question.\u201d<\/p>\n<p>Researchers found three more vulns that they did not detail as part of the attack; these include a bug that allows attackrs to crash the httpd process (CVE-2018-10664), an information leakage vuln in the \/bin\/ssid process (CVE-2018-10663); and two bugs that can cause the \/bin\/ssid process to crash (CVE-2018-10658 and CVE-2018-10659).<\/p>\n<p>The security issues are only the latest to hit IoT devices; earlier in June, IP camera manufacturer\u00a0Foscam urged customers to update their <a href=\"https:\/\/threatpost.com\/foscam-issues-patches-for-vulnerabilities-in-ip-cameras\/132738\/\" target=\"_blank\" rel=\"noopener\">security cameras<\/a> after researchers found three vulnerabilities in\u00a0that could enable a bad actor to gain root access knowing only the camera\u2019s IP address.<\/p>\n<p>VDOO researchers noted an array of insecurities that are indicative of issues that many IoT manufacturers face: including lack of privilege separation, lack of proper input sanitization and lack of binary firmware encryption.<\/p>\n<p>To upgrade to the latest firmware, researchers said that customers can use Axis Device Manager, the camera\u2019s web interface or FTP.<\/p>\n<p>READ MORE <a href=\"https:\/\/threatpost.com\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\/132888\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The IP cameras have a slew of bugs allowing bad actors to control them, add them to a botnet, or render them useless. READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":3717,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[3],"tags":[1423,1424,1425,1426,1427,1428,211,18,77,1429,236,1430,1431,19,55],"class_list":["post-3716","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-threatpost","tag-authorization-bypass-vulnerability","tag-axis","tag-camera-security","tag-cve-2018-10660","tag-cve-2018-10661","tag-cve-2018-10662","tag-featured","tag-hacks","tag-iot","tag-iot-botnet","tag-iot-security","tag-ip-camera","tag-shell-injection-vulnerability","tag-vulnerabilities","tag-vulnerability"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Axis Cameras Riddled With Vulnerabilities Enabling \u201cFull Control\u201d 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Axis Cameras Riddled With Vulnerabilities Enabling \u201cFull Control\u201d 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-06-18T13:00:04+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/06\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control.png\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"530\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Axis Cameras Riddled With Vulnerabilities Enabling \u201cFull Control\u201d\",\"datePublished\":\"2018-06-18T13:00:04+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\\\/\"},\"wordCount\":818,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/06\\\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control.png\",\"keywords\":[\"authorization bypass vulnerability\",\"Axis\",\"Camera security\",\"CVE-2018-10660\",\"CVE-2018-10661\",\"CVE-2018-10662\",\"Featured\",\"Hacks\",\"IoT\",\"IoT botnet\",\"IoT security\",\"IP Camera\",\"shell injection vulnerability\",\"Vulnerabilities\",\"Vulnerability\"],\"articleSection\":[\"Threatpost\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\\\/\",\"name\":\"Axis Cameras Riddled With Vulnerabilities Enabling \u201cFull Control\u201d 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/06\\\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control.png\",\"datePublished\":\"2018-06-18T13:00:04+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/06\\\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/06\\\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control.png\",\"width\":800,\"height\":530},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"authorization bypass vulnerability\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/authorization-bypass-vulnerability\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Axis Cameras Riddled With Vulnerabilities Enabling \u201cFull Control\u201d\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Axis Cameras Riddled With Vulnerabilities Enabling \u201cFull Control\u201d 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\/","og_locale":"en_US","og_type":"article","og_title":"Axis Cameras Riddled With Vulnerabilities Enabling \u201cFull Control\u201d 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-06-18T13:00:04+00:00","og_image":[{"width":800,"height":530,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/06\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control.png","type":"image\/png"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Axis Cameras Riddled With Vulnerabilities Enabling \u201cFull Control\u201d","datePublished":"2018-06-18T13:00:04+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\/"},"wordCount":818,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/06\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control.png","keywords":["authorization bypass vulnerability","Axis","Camera security","CVE-2018-10660","CVE-2018-10661","CVE-2018-10662","Featured","Hacks","IoT","IoT botnet","IoT security","IP Camera","shell injection vulnerability","Vulnerabilities","Vulnerability"],"articleSection":["Threatpost"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\/","url":"https:\/\/www.threatshub.org\/blog\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\/","name":"Axis Cameras Riddled With Vulnerabilities Enabling \u201cFull Control\u201d 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/06\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control.png","datePublished":"2018-06-18T13:00:04+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/06\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/06\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control.png","width":800,"height":530},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/axis-cameras-riddled-with-vulnerabilities-enabling-full-control\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"authorization bypass vulnerability","item":"https:\/\/www.threatshub.org\/blog\/tag\/authorization-bypass-vulnerability\/"},{"@type":"ListItem","position":3,"name":"Axis Cameras Riddled With Vulnerabilities Enabling \u201cFull Control\u201d"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/3716","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=3716"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/3716\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/3717"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=3716"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=3716"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=3716"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}