AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working directory which could allow for remote code execution if a compromised DLL would be placed in the same folder.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.axis.com/files/tech_notes/CVE-2022-23410.pdf |
History
No history.
MITRE
Status: PUBLISHED
Assigner: Axis
Published: 2022-02-14T21:04:28
Updated: 2024-08-03T03:43:46.003Z
Reserved: 2022-01-18T00:00:00
Link: CVE-2022-23410
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-02-14T22:15:08.147
Modified: 2022-05-11T14:23:54.003
Link: CVE-2022-23410
Redhat
No data.