Axis Camera Multiple Products RCE (Devil's Ivy)

High Nessus Network Monitor Plugin ID 7279


The Remote host is vulnerable to a remote code execution vulnerability.


The remote host is vulnerable to a flaw which allows a remote attacker to control the system. The flaw, nicknamed Devil's Ivy stems from a buffer overflow in the gSoap component.


The vendor has released a patch to address this issue.

Plugin Details

Severity: High

ID: 7279

Version: 1.0

Family: IoT

Published: 2017/07/19

Updated: 2018/08/16

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 10

Temporal Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:U/RC:C

Reference Information

CVE: CVE-2017-9765