CVE-2026-1185

Published: Mag 12, 2026 Last Modified: Mag 12, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 5,4

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: low

User Interaction: none

Scope: unchanged

Confidentiality: none

Integrity: low

Availability: low

Description

AI Translation Available

A configuration file on the local file system had improper input validation which could allow code execution and potentially lead to privilege escalation. This vulnerability can only be exploited if an attacker can log in to the Axis device using SSH.

732

Incorrect Permission Assignment for Critical Resource

Draft

Abstraction: Class Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Access Control Integrity Other

Potential Impacts:

Read Application Data Read Files Or Directories Gain Privileges Or Assume Identity Modify Application Data Other

Applicable Platforms

Technologies: Cloud Computing, Not Technology-Specific

Likelihood of Exploit: High

View CWE Details

https://www.axis.com/dam/public/69/df/8d/cve-2026-1185pdf-e…

https://www.axis.com/dam/public/69/df/8d/cve-2026-1185pdf-en-US-530733.pdf

CVE-2026-1185

Description

Incorrect Permission Assignment for Critical Resource

Common Consequences

Applicable Platforms

Iscriviti alla newsletter