CVE-2026-0804

Published: Mag 12, 2026 Last Modified: Mag 12, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 6,7

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: high

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: high

Description

AI Translation Available

An ACAP configuration file lacked sufficient input validation, which could allow a path traversal attack leading to potential privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.

Path Traversal: '.../...//'

Incomplete

Abstraction: Variant Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Integrity

Potential Impacts:

Read Files Or Directories Modify Files Or Directories Bypass Protection Mechanism

Applicable Platforms

All platforms may be affected

View CWE Details

https://www.axis.com/dam/public/51/64/ea/cve-2026-0804pdf-e…

https://www.axis.com/dam/public/51/64/ea/cve-2026-0804pdf-en-US-530732.pdf

CVE-2026-0804

Description

Path Traversal: '.../...//'

Common Consequences

Applicable Platforms

Iscriviti alla newsletter