Axis License Plate Verifier — known CVE vulnerabilities
Every CVE whose affected-product data names Axis License Plate Verifier, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2023-21407 — CVSS 8.8 (high): A broken access control was found allowing for privileged escalation of the operator account to gain administrator privileges.
CVE-2023-21408 — CVSS 8.4 (high): Due to insufficient file permissions, unprivileged users could gain access to unencrypted user credentials that are used in the integration…
CVE-2023-21409 — CVSS 8.4 (high): Due to insufficient file permissions, unprivileged users could gain access to unencrypted administrator credentials allowing the…
CVE-2023-21410 — CVSS 7.2 (high): User provided input is not sanitized on the AXIS License Plate Verifier specific “api.cgi” allowing for arbitrary code execution.
CVE-2023-21411 — CVSS 7.2 (high): User provided input is not sanitized in the “Settings > Access Control” configuration interface allowing for arbitrary code execution.
CVE-2023-21412 — CVSS 7.2 (high): User provided input is not sanitized on the AXIS License Plate Verifier specific “search.cgi” allowing for SQL injections.