CVE-2025-7622 MEDIUM

CVE-2025-7622

Vendor Axis Communications Ab
Product AXIS Camera Station Pro
Weakness CWE-918 · SSRF
Published August 12, 2025
Last update August 12, 2025
View on NVD All CVEs

CVSS base score

5.1/10
Attack vector Adjacent
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L

What the vulnerability does

01Description

During an internal security assessment, a Server-Side Request Forgery (SSRF) vulnerability that allowed an authenticated attacker to access internal resources on the server was discovered.

Key dates

02Disclosure timeline

August 12, 2025 CVE published
August 12, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2023-40148 PingFederate Server Side Request Forgery vulnerability CVE-2024-13411 Zapier for WordPress <= 1.5.1 - Authenticated (Subscriber+) Blind Server-Side Request Forgery via updated_user Function CVE-2024-37208 WordPress WP Scraper plugin <= 5.7 - Server Side Request Forgery (SSRF) vulnerability CVE-2023-26459 Server Side Request Forgery (SSRF) vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform CVE-2026-33502 AVideo has Unauthenticated SSRF via plugin/Live/test.php