Three security vulnerabilities in Axis video products could open up the door to a bevy of different cyberattacks on businesses. Nozomi Networks Labs researchers examined the companys Axis Companion Recorder, a compact network video recorder (NVR) The bugs are as follows: Heap-based buffer overflow (CVE-2021-31986, CVSSv3 rating of 6.7)Improper recipient validation in network test functionalities (CVE) and SMTP header injection in email test functionality.”]
Source: https://threatpost.com/ip-surveillance-bugs-axis-rce-data-theft/175350/