Sign-up

ID

VAR-200709-0160


CVE

CVE-2007-4926


TITLE

AXIS Vulnerability to obtain important information in camera

Trust: 0.8

sources: JVNDB: JVNDB-2007-002639

DESCRIPTION

The AXIS 207W camera uses a base64-encoded cleartext username and password for authentication, which allows remote attackers to obtain sensitive information by sniffing the wireless network or by leveraging unspecified other vectors. AXIS 207W cameras use base64-encoded plaintext to authenticate usernames and passwords

Trust: 1.8

sources: NVD: CVE-2007-4926 // JVNDB: JVNDB-2007-002639 // VULHUB: VHN-28288 // VULMON: CVE-2007-4926

AFFECTED PRODUCTS

vendor:axismodel:207w camerascope: - version: -

Trust: 1.4

vendor:axismodel:207w camerascope:eqversion:*

Trust: 1.0

sources: JVNDB: JVNDB-2007-002639 // CNNVD: CNNVD-200709-226 // NVD: CVE-2007-4926

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-4926
value: HIGH

Trust: 1.0

NVD: CVE-2007-4926
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200709-226
value: CRITICAL

Trust: 0.6

VULHUB: VHN-28288
value: HIGH

Trust: 0.1

VULMON: CVE-2007-4926
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2007-4926
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-28288
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-28288 // VULMON: CVE-2007-4926 // JVNDB: JVNDB-2007-002639 // CNNVD: CNNVD-200709-226 // NVD: CVE-2007-4926

PROBLEMTYPE DATA

problemtype:CWE-310

Trust: 1.9

sources: VULHUB: VHN-28288 // JVNDB: JVNDB-2007-002639 // NVD: CVE-2007-4926

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200709-226

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-200709-226

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2007-002639

PATCH
title:Top Pageurl:http://www.axis.com/techsup/software/acc/index.htm
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2007-002639

EXTERNAL IDS
db:NVDid:CVE-2007-4926
Trust: 2.6
db:SREASONid:3145
Trust: 1.8
db:SECTRACKid:1018699
Trust: 1.8
db:JVNDBid:JVNDB-2007-002639
Trust: 0.8
db:BUGTRAQid:20070915 AXIS 207W WIRELESS CAMERA WEB INTERFACE - MULTIPLE VULNERABILITIES
Trust: 0.6
db:CNNVDid:CNNVD-200709-226
Trust: 0.6
db:VULHUBid:VHN-28288
Trust: 0.1
db:VULMONid:CVE-2007-4926
Trust: 0.1
sources:
            
            
            VULHUB: VHN-28288 // 
            
            
            
            VULMON: CVE-2007-4926 // 
            
            
            
            JVNDB: JVNDB-2007-002639 // 
            
            
            
            CNNVD: CNNVD-200709-226 // 
            
            
            
            NVD: CVE-2007-4926

REFERENCES
url:http://airscanner.com/security/07080701_axis.htm
Trust: 1.8
url:http://www.informit.com/articles/article.aspx?p=1016102
Trust: 1.8
url:http://www.securitytracker.com/id?1018699
Trust: 1.8
url:http://securityreason.com/securityalert/3145
Trust: 1.8
url:http://www.securityfocus.com/archive/1/479600/100/0/threaded
Trust: 1.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4926
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-4926
Trust: 0.8
url:http://www.securityfocus.com/archive/1/archive/1/479600/100/0/threaded
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/310.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULHUB: VHN-28288 // 
            
            
            
            VULMON: CVE-2007-4926 // 
            
            
            
            JVNDB: JVNDB-2007-002639 // 
            
            
            
            CNNVD: CNNVD-200709-226 // 
            
            
            
            NVD: CVE-2007-4926

SOURCES
db:VULHUBid:VHN-28288
db:VULMONid:CVE-2007-4926
db:JVNDBid:JVNDB-2007-002639
db:CNNVDid:CNNVD-200709-226
db:NVDid:CVE-2007-4926

LAST UPDATE DATE
2025-04-10T20:22:40.419000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-28288date:2018-10-15T00:00:00
db:VULMONid:CVE-2007-4926date:2018-10-15T00:00:00
db:JVNDBid:JVNDB-2007-002639date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200709-226date:2007-10-08T00:00:00
db:NVDid:CVE-2007-4926date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:VULHUBid:VHN-28288date:2007-09-18T00:00:00
db:VULMONid:CVE-2007-4926date:2007-09-18T00:00:00
db:JVNDBid:JVNDB-2007-002639date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200709-226date:2007-09-18T00:00:00
db:NVDid:CVE-2007-4926date:2007-09-18T18:17:00