Axis Camera Station Pro CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-12063	1 Axis Communications Ab	1 Axis Camera Station Pro	2026-02-10	5.7 Medium
An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions.
CVE-2025-13064	1 Axis Communications Ab	1 Axis Camera Station Pro	2026-02-10	4.5 Medium
A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script which is executed by the server. This attack is only possible if the admin uses a client that have been tampered with.
CVE-2025-12757	1 Axis Communications Ab	1 Axis Camera Station Pro	2026-02-10	4.6 Medium
An AXIS Camera Station Pro feature can be exploited in a way that allows a non-admin user to view information they are not permitted to.
CVE-2025-11547	1 Axis Communications Ab	1 Axis Camera Station Pro	2026-02-10	7.8 High
AXIS Camera Station Pro contained a flaw to perform a privilege escalation attack on the server as a non-admin user.

Page 1 of 1.