CVE-2015-8257

The devtools.sh script in AXIS network cameras allows remote authenticated users to execute arbitrary commands via shell metacharacters in the app parameter to (1) app_license.shtml, (2) app_license_custom.shtml, (3) app_index.shtml, or (4) app_params.shtml.

BID: http://www.securityfocus.com/bid/92159
EXPLOIT-DB: https://www.exploit-db.com/exploits/40171/
MISC: http://packetstormsecurity.com/files/138083/AXIS-Authenticated-Remote-Command-Execution.html
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8257

14 years
257 countries
690k users
4559k calculations
Logo www.i4wifi.cz
Logo sectech.co.nz
Logo www.clarecontrols.com
Logo ipcamtalk.com
Logo cities-today.com
Logo www.use-ip.co.uk