CGI stands for Common Gateway Interface. In the context of network cameras, CGI scripts are used to dynamically generate web pages or control camera functions. For decades, Axis cameras have used CGI commands to allow remote viewing and configuration. For example, a request to http://[camera-ip]/axis-cgi/mjpg.cgi tells the camera’s web server to start doing something.
: An exposed video stream is often a symptom of an entirely unprotected device. If the CGI architecture is outdated, hackers can leverage known vulnerabilities to gain root access to the camera's operating system. From there, the camera can be recruited into an IoT botnet (like the infamous Mirai botnet) to launch massive Distributed Denial of Service (DDoS) attacks or serve as an entry point to lateral into the wider corporate network. How to Secure Network Cameras Against Exposure inurl axis cgi mjpg motion jpeg