Vivotek

Fd8136 Firmware

9 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.26%
  • Veröffentlicht 02.06.2026 00:00:00
  • Zuletzt bearbeitet 05.07.2026 02:17:46

A stack-based buffer overflow in the export_language.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers to execute arbitrary code as root via a crafted POST request to the /cgi-bin/admin/export_language.cgi ...

  • EPSS 0.38%
  • Veröffentlicht 02.06.2026 00:00:00
  • Zuletzt bearbeitet 05.07.2026 02:17:44

Buffer Overflow vulnerability in VIVOTEK INC FD8136-VVTK-0300a allows a remote attacker to execute arbitrary code via the set_getparam.cgi component

  • EPSS 0.6%
  • Veröffentlicht 02.06.2026 00:00:00
  • Zuletzt bearbeitet 05.07.2026 02:17:44

A post-authentication remote buffer overflow vulnerability exists in the /cgi-bin/admin/eventtask.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firmware version FD8136-VVTK-0300a. This flaw allows an authenticated attacker to ...

  • EPSS 0.52%
  • Veröffentlicht 02.06.2026 00:00:00
  • Zuletzt bearbeitet 04.07.2026 22:16:42

A remote buffer overflow vulnerability exists in the /cgi-bin/dido/setdo.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firmware version FD8136-VVTK-0300a. This flaw allows an authenticated attacker to execute arbitrary code as...

  • EPSS 0.32%
  • Veröffentlicht 02.06.2026 00:00:00
  • Zuletzt bearbeitet 05.07.2026 02:17:45

A stack-based buffer overflow in the motion_privacy.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers to execute arbitrary code as root via an oversized n1 parameter in a POST request to the /cgi-bin/admin/...

  • EPSS 0.72%
  • Veröffentlicht 02.06.2026 00:00:00
  • Zuletzt bearbeitet 05.07.2026 02:17:46

A path traversal vulnerability in the /admin/downloadMedias.cgi endpoint of VIVOTEK INC FD8136-VVTK firmware 0300a allows authenticated attackers to read any file on the device via sending a crafted request.

Exploit
  • EPSS 4.41%
  • Veröffentlicht 10.07.2019 14:15:10
  • Zuletzt bearbeitet 21.11.2024 03:49:11

Vivotek FD8136 devices allow Remote Command Injection, aka "another command injection vulnerability in our target device," a different issue than CVE-2018-14494. NOTE: The vendor has disputed this as a vulnerability and states that the issue does not...

Exploit
  • EPSS 4.06%
  • Veröffentlicht 10.07.2019 14:15:10
  • Zuletzt bearbeitet 21.11.2024 03:49:11

Vivotek FD8136 devices allow remote memory corruption and remote code execution because of a stack-based buffer overflow, related to sprintf, vlocal_buff_4326, and set_getparam.cgi. NOTE: The vendor has disputed this as a vulnerability and states tha...

  • EPSS 3.23%
  • Veröffentlicht 10.07.2019 13:15:10
  • Zuletzt bearbeitet 21.11.2024 03:49:11

Vivotek FD8136 devices allow Remote Command Injection, related to BusyBox and wget. NOTE: the vendor sent a clarification on 2019-09-17 explaining that, although this CVE was first populated in July 2019, it is a historical vulnerability that does no...