Axis Security Camera Flaws Enable Remote Takeover

4 Bugs Affecting at Least 6,500 Camera Servers Enable Pre-Auth Attacks on Devices Prajeet Nair (@prajeetspeaks) • August 7, 2025

Researchers who uncovered four severe flaws in Axis Communications' video management and camera software say thousands of internet-connected surveillance systems are vulnerable to remote attacks that bypass authentication.

See Also: Gartner Report | Magic Quadrant for SD-WAN

Attackers could potentially hijack entire security networks, crash camera systems or tap into live camera feeds, said Claroty researchers who uncovered the vulnerabilities that Axis Device Manager and Axis Camera Station, two core applications for managing IP-based security camera infrastructure. Exploiting flaws in the proprietary Axis. Remoting protocol, attackers can chain the vulnerabilities to gain unauthenticated, root-level remote code execution, effectively taking full control of entire surveillance networks.

Claroty's Team82 found more ...