CVE-2007-4930

Name of the Vulnerable Software and Affected Versions: AXIS 207W camera (affected versions not specified)

Description: The issue concerns multiple cross-site request forgery (CSRF) vulnerabilities. These vulnerabilities allow remote attackers to perform certain actions as administrators. The affected API endpoints include (1) "axis-cgi/admin/restart.cgi", (2) "axis-cgi/admin/pwdgrp.cgi" with the user and sgrp parameters in an add action, and (3) "admin/restartMessage.shtml" with the server parameter.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.