CVE-2013-3543

Name of the Vulnerable Software and Affected Versions AXIS Media Control (AMC) ActiveX control (AxisMediaControlEmb.dll) version 6.2.10.11

Description The issue allows remote attackers to create or overwrite arbitrary files. This can be achieved by providing a file path to certain methods, specifically the (1) StartRecord, (2) SaveCurrentImage, or (3) StartRecordMedia methods.

Recommendations For version 6.2.10.11, as a temporary workaround, consider restricting access to the StartRecord, SaveCurrentImage, and StartRecordMedia methods until a patch is available. Avoid using these methods with untrusted input to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.