CVE-2026-1185

high

Description

A configuration file on the local file system had improper input validation which could allow code execution and potentially lead to privilege escalation. This vulnerability can only be exploited if an attacker can log in to the Axis device using SSH.

References

https://www.axis.com/dam/public/69/df/8d/cve-2026-1185pdf-en-US-530733.pdf

Details

Source: Mitre, NVD

Published: 2026-05-12

Updated: 2026-05-19

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H