CVE-2025-13064

← CVEs

MED 4.5

Published

2026-02-10

Last Modified

2026-02-17

Affected Apps

Affected Devices

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script which is executed by the server. This attack is only possible if the admin uses a client that have been tampered with.

Affected Applications in Environment 1

Camera v5.3.8

29 devices

Affected Devices 29

118B-18 Windows ADV-PEER-02 Windows DPBUDG-4QYBKS3 Windows DPCSOW-L3192SS9 Windows DPDNNR-205384 Windows DPHSNG-00214800 Windows DPHSNG-JN7PG04 Windows DPLAEP-JAKEPOWE Windows DPLAEP-PF5S8FRS Windows DPSTUD-FB4D794 Windows ENGL-JV1P3Y2 Windows HETR-TS-01 Windows Jared-Coltons-MacBook-Air-M2-10.local Mac LPCS-FYVKPX2 Windows MC-18 Windows MV-11 Windows MV-12 Windows SPER-5CD1529JSR Windows WIBLANG1903-01 Windows a00297072-V3QQN7Y61W Mac a00345003-G4KKXFDH6V Mac a00575059-H7DKJPXJC2 Mac a01090638-HMFV33JR2V Mac a01104684-YTH5XV97QN Mac a01483698-KN7NY7WJK6 Mac a01896128-KWY3PW24QV Mac a02253819-C02YXDKNLVDC Mac a02260949-K6CF2WNCVP Mac a02265864-LFW93MQ9P7 Mac

References 1

https://www.axis.com/dam/public/a9/9e/94/cve-2025-13064pdf-en-US-519290.pdf