CVE-2026-0802

Published: Mag 12, 2026 Last Modified: Mag 12, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 6,0

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: high

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: none

Description

AI Translation Available

An ACAP configuration file lacked sufficient input validation, which could allow command injection and potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.

1287

Improper Validation of Specified Type of Input

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Other

Potential Impacts:

Varies By Context

Applicable Platforms

All platforms may be affected

View CWE Details

https://www.axis.com/dam/public/67/b8/75/cve-2026-0802pdf-e…

https://www.axis.com/dam/public/67/b8/75/cve-2026-0802pdf-en-US-530731.pdf

CVE-2026-0802

Description

Improper Validation of Specified Type of Input

Common Consequences

Applicable Platforms

Iscriviti alla newsletter