CVE-2026-1185

EUVD-2026-29386
A configuration file on the local file system had improper input validation which could allow code execution and potentially lead to privilege escalation. This vulnerability can only be exploited if an attacker can log in to the Axis device using SSH.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.4 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 13%
Affected Products (NVD)
VendorProductVersion
axisaxis_os
12.0.0 ≤
𝑥
< 12.10.37
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.axis.com/dam/public/69/df/8d/cve-2026-1185pdf-en-US-530733.pdf