Input Validation Flaw in VAPIX API Affects Axis Products
CVE-2025-11142

7.1HIGH

Key Information:

Vendor: Axis Communications Ab
Status: Axis Os
Vendor: CVE Published:; 10 February 2026

🔔 Create Axis Communications Ab Vulnerability Alert

What is CVE-2025-11142?

This vulnerability in the VAPIX API's mediaclip.cgi component stems from insufficient input validation, potentially leading to remote code execution. This security issue requires authentication with an operator or administrator-level account, which heightens the risk for users with compromised credentials. Organizations using Axis devices with this API should ensure proper access controls and security measures are in place to mitigate potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

AXIS OS 12.6.54 <= 12.7.35

References

https://www.axis.com/dam/public/18/0e/90/cve-2025-11142pd...

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 10, 2026
Vulnerability Reserved
Sep 29, 2025

Credit

51l3nc3

JSON

Axis Communications Ab

What is CVE-2025-11142?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.