CVE-2018-10658

Exp

There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar.

Published: 2018-06-26 Last update: 2024-11-21 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2018-10658 is rated High Exploit Risk (69.1/100): CVSS High severity, with medium exploitation likelihood (EPSS 0.60%). 1 public exploit reference(s) are indexed (Exploit-DB). Public exploits are available—assess exposure, apply mitigations, and prioritize patching.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Public exploit references (Exploit-DB) for CVE-2018-10658

EDB-ID Source Kind Published Link
nvd_ref exploit_tag Exploit-DB ↗

Exploit prediction scoring system (EPSS) score for CVE-2018-10658

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2025-11-21 0.53% 0.60% +0.08%
2 2025-11-18 0.64% 0.53% -0.11%
3 2025-03-30 0.64%

Full EPSS history (9 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2018-10658

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
7.5 3.0 HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Click to expand
Attack vector (AV:N)
Could be attacked over the internet or any normal routed network—not just someone sitting at the machine.
Attack complexity (AC:L)
Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N)
No account or special rights needed—anonymous or random user is enough.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:N)
Doesn’t really leak secrets in a meaningful way.
Integrity (I:N)
Data isn’t meaningfully altered or forged.
Availability (A:H)
Could take the service down hard or make it unusable for people who depend on it.
 3.9 3.6 [email protected]
5.0 2.0 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:N)
No confidentiality impact.
Integrity impact (I:N)
No integrity impact.
Availability impact (A:P)
Partial availability impact.
 10.0 2.9 [email protected]

Weakness enumeration for CVE-2018-10658

Affected software / configurations for CVE-2018-10658

Vendor Product Version Raw CPE
axis a1001_firmware < 1.65.1 cpe:2.3:o:axis:a1001_firmware:*:*:*:*:*:*:*:*
axis a8004-v_firmware < 1.65.2 cpe:2.3:o:axis:a8004-v_firmware:*:*:*:*:*:*:*:*
axis a8105-e_firmware < 1.65.2 cpe:2.3:o:axis:a8105-e_firmware:*:*:*:*:*:*:*:*
axis a9161_firmware < 1.65.0 cpe:2.3:o:axis:a9161_firmware:*:*:*:*:*:*:*:*
axis a9188_firmware < 1.65.0 cpe:2.3:o:axis:a9188_firmware:*:*:*:*:*:*:*:*
axis a9188-v_firmware < 1.65.0 cpe:2.3:o:axis:a9188-v_firmware:*:*:*:*:*:*:*:*
axis c1004-e_firmware < 1.81.040.1 cpe:2.3:o:axis:c1004-e_firmware:*:*:*:*:*:*:*:*
axis c2005_firmware < 1.81.040.1 cpe:2.3:o:axis:c2005_firmware:*:*:*:*:*:*:*:*
axis c3003-e_firmware < 1.81.040.1 cpe:2.3:o:axis:c3003-e_firmware:*:*:*:*:*:*:*:*
axis c8033_firmware < 1.81.040.1 cpe:2.3:o:axis:c8033_firmware:*:*:*:*:*:*:*:*
axis companion_bullet_le_firmware < 8.20.1 cpe:2.3:o:axis:companion_bullet_le_firmware:*:*:*:*:*:*:*:*
axis companion_c360_firmware < 7.15.2.3 cpe:2.3:o:axis:companion_c360_firmware:*:*:*:*:*:*:*:*
axis companion_cube_l_firmware < 8.20.1 cpe:2.3:o:axis:companion_cube_l_firmware:*:*:*:*:*:*:*:*
axis companion_cube_lw_firmware < 8.20.1 cpe:2.3:o:axis:companion_cube_lw_firmware:*:*:*:*:*:*:*:*
axis companion_dome_v_firmware < 8.20.1 cpe:2.3:o:axis:companion_dome_v_firmware:*:*:*:*:*:*:*:*
axis companion_dome_wv_firmware < 8.20.1 cpe:2.3:o:axis:companion_dome_wv_firmware:*:*:*:*:*:*:*:*
axis companion_eye_l_firmware < 8.20.1 cpe:2.3:o:axis:companion_eye_l_firmware:*:*:*:*:*:*:*:*
axis companion_eye_lve_firmware < 8.20.1 cpe:2.3:o:axis:companion_eye_lve_firmware:*:*:*:*:*:*:*:*
axis companion_recorder_4ch_firmware < 1.20.1 cpe:2.3:o:axis:companion_recorder_4ch_firmware:*:*:*:*:*:*:*:*
axis companion_recorder_8ch_firmware < 1.20.1 cpe:2.3:o:axis:companion_recorder_8ch_firmware:*:*:*:*:*:*:*:*
axis d2050-ve_firmware < 7.35.4.2 cpe:2.3:o:axis:d2050-ve_firmware:*:*:*:*:*:*:*:*
axis f34_main_unit_firmware < 6.50.2.3 cpe:2.3:o:axis:f34_main_unit_firmware:*:*:*:*:*:*:*:*
axis f41_main_unit_firmware < 6.50.2.3 cpe:2.3:o:axis:f41_main_unit_firmware:*:*:*:*:*:*:*:*
axis f44_dual_audio_input_firmware < 6.50.2.3 cpe:2.3:o:axis:f44_dual_audio_input_firmware:*:*:*:*:*:*:*:*
axis f44_main_unit_firmware < 6.50.2.3 cpe:2.3:o:axis:f44_main_unit_firmware:*:*:*:*:*:*:*:*
axis fa54_main_unit_firmware < 6.55.4.5 cpe:2.3:o:axis:fa54_main_unit_firmware:*:*:*:*:*:*:*:*
axis m1004-w_firmware < 5.51.5 cpe:2.3:o:axis:m1004-w_firmware:*:*:*:*:*:*:*:*
axis m1013_firmware < 5.51.5 cpe:2.3:o:axis:m1013_firmware:*:*:*:*:*:*:*:*
axis m1014_firmware < 5.51.5 cpe:2.3:o:axis:m1014_firmware:*:*:*:*:*:*:*:*
axis m1025_firmware < 5.51.5 cpe:2.3:o:axis:m1025_firmware:*:*:*:*:*:*:*:*
axis m1033-w_firmware < 5.51.5 cpe:2.3:o:axis:m1033-w_firmware:*:*:*:*:*:*:*:*
axis m1034-w_firmware < 5.51.5 cpe:2.3:o:axis:m1034-w_firmware:*:*:*:*:*:*:*:*
axis m1045-lw_firmware < 8.20.1 cpe:2.3:o:axis:m1045-lw_firmware:*:*:*:*:*:*:*:*
axis m1054_firmware < 5.51.5 cpe:2.3:o:axis:m1054_firmware:*:*:*:*:*:*:*:*
axis m1065-l_firmware < 8.20.1 cpe:2.3:o:axis:m1065-l_firmware:*:*:*:*:*:*:*:*
axis m1065-lw_firmware < 8.20.1 cpe:2.3:o:axis:m1065-lw_firmware:*:*:*:*:*:*:*:*
axis m1103_firmware < 5.51.5 cpe:2.3:o:axis:m1103_firmware:*:*:*:*:*:*:*:*
axis m1104_firmware < 5.51.5 cpe:2.3:o:axis:m1104_firmware:*:*:*:*:*:*:*:*
axis m1113_firmware < 5.51.5 cpe:2.3:o:axis:m1113_firmware:*:*:*:*:*:*:*:*
axis m1113-e_firmware < 5.51.5 cpe:2.3:o:axis:m1113-e_firmware:*:*:*:*:*:*:*:*
axis m1114_firmware < 5.51.5 cpe:2.3:o:axis:m1114_firmware:*:*:*:*:*:*:*:*
axis m1114-e_firmware < 5.51.5 cpe:2.3:o:axis:m1114-e_firmware:*:*:*:*:*:*:*:*
axis m1124_firmware < 6.50.2.3 cpe:2.3:o:axis:m1124_firmware:*:*:*:*:*:*:*:*
axis m1124-e_firmware < 6.50.2.3 cpe:2.3:o:axis:m1124-e_firmware:*:*:*:*:*:*:*:*
axis m1125_firmware < 6.50.2.3 cpe:2.3:o:axis:m1125_firmware:*:*:*:*:*:*:*:*
axis m1125-e_firmware < 6.50.2.3 cpe:2.3:o:axis:m1125-e_firmware:*:*:*:*:*:*:*:*
axis m1143-l_firmware < 5.60.1.10 cpe:2.3:o:axis:m1143-l_firmware:*:*:*:*:*:*:*:*
axis m1144-l_firmware < 5.60.1.10 cpe:2.3:o:axis:m1144-l_firmware:*:*:*:*:*:*:*:*
axis m1145_firmware < 6.50.2.3 cpe:2.3:o:axis:m1145_firmware:*:*:*:*:*:*:*:*
axis m1145-l_firmware < 6.50.2.3 cpe:2.3:o:axis:m1145-l_firmware:*:*:*:*:*:*:*:*
axis m2014-e_firmware < 5.51.5 cpe:2.3:o:axis:m2014-e_firmware:*:*:*:*:*:*:*:*
axis m2025-le_firmware < 8.20.1 cpe:2.3:o:axis:m2025-le_firmware:*:*:*:*:*:*:*:*
axis m2026-le_firmware < 8.20.1 cpe:2.3:o:axis:m2026-le_firmware:*:*:*:*:*:*:*:*
axis m2026-le_mk_ii_firmware < 8.10.1.1 cpe:2.3:o:axis:m2026-le_mk_ii_firmware:*:*:*:*:*:*:*:*
axis m3004-v_firmware < 5.51.5 cpe:2.3:o:axis:m3004-v_firmware:*:*:*:*:*:*:*:*
axis m3005-v_firmware < 5.51.5 cpe:2.3:o:axis:m3005-v_firmware:*:*:*:*:*:*:*:*
axis m3006-v_firmware < 6.50.2.3 cpe:2.3:o:axis:m3006-v_firmware:*:*:*:*:*:*:*:*
axis m3007-p_firmware < 6.50.2.3 cpe:2.3:o:axis:m3007-p_firmware:*:*:*:*:*:*:*:*
axis m3007-pv_firmware < 6.50.2.3 cpe:2.3:o:axis:m3007-pv_firmware:*:*:*:*:*:*:*:*
axis m3014_firmware < 5.51.5 cpe:2.3:o:axis:m3014_firmware:*:*:*:*:*:*:*:*
axis m3015_firmware < 7.15.5.1 cpe:2.3:o:axis:m3015_firmware:*:*:*:*:*:*:*:*
axis m3016_firmware < 7.15.5.1 cpe:2.3:o:axis:m3016_firmware:*:*:*:*:*:*:*:*
axis m3024-lve_firmware < 5.51.5 cpe:2.3:o:axis:m3024-lve_firmware:*:*:*:*:*:*:*:*
axis m3025-ve_firmware < 5.51.5 cpe:2.3:o:axis:m3025-ve_firmware:*:*:*:*:*:*:*:*
axis m3026-ve_firmware < 6.50.2.3 cpe:2.3:o:axis:m3026-ve_firmware:*:*:*:*:*:*:*:*
axis m3027-pve_firmware < 6.50.2.3 cpe:2.3:o:axis:m3027-pve_firmware:*:*:*:*:*:*:*:*
axis m3037-pve_firmware < 6.55.1 cpe:2.3:o:axis:m3037-pve_firmware:*:*:*:*:*:*:*:*
axis m3044-v_firmware < 8.20.1 cpe:2.3:o:axis:m3044-v_firmware:*:*:*:*:*:*:*:*
axis m3044-wv_firmware < 8.20.1 cpe:2.3:o:axis:m3044-wv_firmware:*:*:*:*:*:*:*:*
axis m3045-v_firmware < 8.20.1 cpe:2.3:o:axis:m3045-v_firmware:*:*:*:*:*:*:*:*
axis m3045-wv_firmware < 8.20.1 cpe:2.3:o:axis:m3045-wv_firmware:*:*:*:*:*:*:*:*
axis m3046-v_firmware < 8.20.1 cpe:2.3:o:axis:m3046-v_firmware:*:*:*:*:*:*:*:*
axis m3046-v_1.8mm_firmware < 8.20.1 cpe:2.3:o:axis:m3046-v_1.8mm_firmware:*:*:*:*:*:*:*:*
axis m3047-p_firmware < 7.15.2.3 cpe:2.3:o:axis:m3047-p_firmware:*:*:*:*:*:*:*:*
axis m3048-p_firmware < 7.15.2.3 cpe:2.3:o:axis:m3048-p_firmware:*:*:*:*:*:*:*:*
axis m3104-l_firmware < 8.20.1 cpe:2.3:o:axis:m3104-l_firmware:*:*:*:*:*:*:*:*
axis m3104-lve_firmware < 8.20.1 cpe:2.3:o:axis:m3104-lve_firmware:*:*:*:*:*:*:*:*
axis m3105-l_firmware < 8.20.1 cpe:2.3:o:axis:m3105-l_firmware:*:*:*:*:*:*:*:*
axis m3105-lve_firmware < 8.20.1 cpe:2.3:o:axis:m3105-lve_firmware:*:*:*:*:*:*:*:*
axis m3106-l_firmware < 8.20.1 cpe:2.3:o:axis:m3106-l_firmware:*:*:*:*:*:*:*:*

References for CVE-2018-10658

cvelogic Threat Intelligence