EIP-2026-100714

PRE-CVE

Axis Communications Video Server 2.x - 'Command.cgi' File Creation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100714. PoCs published by Martin Eiszner.

AI-analyzed exploit summary The exploit describes a vulnerability in Axis Video Servers where improper input handling in the 'command.cgi' script allows arbitrary file creation, potentially leading to denial of service or command execution. The provided URLs demonstrate the attack vectors.

Description

Axis Communications Video Server 2.x - 'Command.cgi' File Creation

Exploits (1)

exploitdb WRITEUP VERIFIED

by Martin Eiszner · textremotecgi

https://www.exploit-db.com/exploits/22311

View Code ZIP pw:eip

The exploit describes a vulnerability in Axis Video Servers where improper input handling in the 'command.cgi' script allows arbitrary file creation, potentially leading to denial of service or command execution. The provided URLs demonstrate the attack vectors.

Classification

Writeup 80%

Attack Type

Rce

Complexity

Trivial

Reliability

Theoretical

Target: Axis Video Servers

No auth needed

Prerequisites: Network access to the target server

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026