CVE-2025-11142

Name of the Vulnerable Software and Affected Versions VAPIX API (affected versions not specified)

Description The VAPIX API’s mediaclip.cgi component lacks proper input validation, potentially allowing for remote code execution. Exploitation requires authentication with an operator- or administrator-privileged service account. The API endpoint involved is /mediaclip.cgi.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.