CVE-2015-8257

HIGH

AXIS network cameras - Command Injection


Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-8257. PoCs published by Orwelllabs.

AI-analyzed exploit summary: This is a detailed security advisory describing an authenticated remote command execution vulnerability in multiple AXIS network camera models. The vulnerability arises from improper input validation in the devtools.sh script, allowing command injection via the 'app' parameter in specific web pages.

Description

The devtools.sh script in AXIS network cameras allows remote authenticated users to execute arbitrary commands via shell metacharacters in the app parameter to (1) app_license.shtml, (2) app_license_custom.shtml, (3) app_index.shtml, or (4) app_params.shtml.

Exploits (1)

exploitdb WRITEUP
by Orwelllabs · text · webapps · linux
https://www.exploit-db.com/exploits/40171

Classification: Writeup 90%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: AXIS Network Cameras (multiple models/firmwares)
Auth required
Prerequisites: Authenticated access to the device's web interface
devstral-2 · analyzed Feb 16, 2026

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/92159
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/40171/

Scores

CVSS v3 8.8
EPSS 0.1769
EPSS Percentile 96.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-77
Status: published
Products (1): axis/network_camera_firmware
Published: May 02, 2017
Tracked Since: Feb 18, 2026