Lucene search
+L

70 matches found

cvelist
cvelist
added 2026/06/02 12:0 a.m.46 views

CVE-2026-30652

A remote buffer overflow vulnerability exists in the /cgi-bin/dido/setdo.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firmware version FD8136-VVTK-0300a. This flaw allows an authenticated attacker to execute arbitrary code as root on the device...

0.00523EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/02 12:0 a.m.45 views

CVE-2026-30649

Buffer Overflow vulnerability in VIVOTEK INC FD8136-VVTK-0300a allows a remote attacker to execute arbitrary code via the setgetparam.cgi component...

0.00377EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/02 12:0 a.m.51 views

CVE-2026-30650

A post-authentication remote buffer overflow vulnerability exists in the /cgi-bin/admin/eventtask.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firmware version FD8136-VVTK-0300a. This flaw allows an authenticated attacker to execute arbitrary code as root on the device...

0.00599EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/02 12:0 a.m.48 views

CVE-2026-35716

A stack-based buffer overflow in the motionprivacy.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers to execute arbitrary code as root via an oversized n1 parameter in a POST request to the /cgi-bin/admin/setpm.cgi, /cgi-bin/admin/setmd.cgi, or...

0.00322EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/02 12:0 a.m.44 views

CVE-2026-35718

A path traversal vulnerability in the /admin/downloadMedias.cgi endpoint of VIVOTEK INC FD8136-VVTK firmware 0300a allows authenticated attackers to read any file on the device via sending a crafted request...

0.00723EPSS
Exploits0References1
cve
cve
added 2026/06/02 12:0 a.m.27 views

CVE-2026-35717

CVE-2026-35717 affects VIVOTEK FD8136 firmware FD8136-VVTK-0300a, specifically the export_language.cgi endpoint. The vulnerability is a stack-based buffer overflow where the handler passes the attacker-controlled Content-Length value directly to fread() as the read size into a fixed-size 0x60-byt...

6.3CVSS6.5AI score0.00261EPSS
Exploits0References1Affected Software1
redhatcve
redhatcve
added 2026/01/09 12:23 p.m.10 views

CVE-2018-14494

Vivotek FD8136 devices allow Remote Command Injection, related to BusyBox and wget. NOTE: the vendor sent a clarification on 2019-09-17 explaining that, although this CVE was first populated in July 2019, it is a historical vulnerability that does not apply to any current or recent Vivotek hardwa...

10CVSS6.7AI score0.03232EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 12:22 p.m.10 views

CVE-2018-14495

Vivotek FD8136 devices allow Remote Command Injection, aka "another command injection vulnerability in our target device," a different issue than CVE-2018-14494. NOTE: The vendor has disputed this as a vulnerability and states that the issue does not cause a web server crash or have any other...

10CVSS7.3AI score0.04412EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 3:12 a.m.7 views

CVE-2018-14496

Vivotek FD8136 devices allow remote memory corruption and remote code execution because of a stack-based buffer overflow, related to sprintf, vlocalbuff4326, and setgetparam.cgi. NOTE: The vendor has disputed this as a vulnerability and states that the issue does not cause a web server crash or...

9.8CVSS8.3AI score0.04064EPSS
Exploits1References1
cnvd
cnvd
added 2019/07/16 12:0 a.m.6 views

Vivotek FD8136 Command Injection Vulnerability (CNVD-2019-22783)

Vivotek FD8136 is a hemispherical network camera from Vivotek, Taiwan, China. A command injection vulnerability exists in the Vivotek FD8136. The vulnerability arises from a network system or product not properly filtering specific elements of externally input data during the construction of...

10CVSS7.8AI score0.03232EPSS
Exploits0References1
cnvd
cnvd
added 2019/07/12 12:0 a.m.5 views

Vivotek FD8136 Buffer Overflow Vulnerability

Vivotek FD8136 is a hemispherical network camera from Vivotek, Taiwan, China. A buffer overflow vulnerability exists in the Vivotek FD8136, which can be exploited by an attacker to cause a buffer overflow or heap overflow...

9.8CVSS7.4AI score0.04064EPSS
Exploits1References1
nvd
nvd
added 2019/07/10 2:15 p.m.13 views

CVE-2018-14495

Vivotek FD8136 devices allow Remote Command Injection, aka "another command injection vulnerability in our target device," a different issue than CVE-2018-14494. NOTE: The vendor has disputed this as a vulnerability and states that the issue does not cause a web server crash or have any other...

10CVSS9.9AI score0.04412EPSS
Exploits1References2
osv
osv
added 2019/07/10 2:15 p.m.5 views

CVE-2018-14495

Vivotek FD8136 devices allow Remote Command Injection, aka "another command injection vulnerability in our target device," a different issue than CVE-2018-14494. NOTE: The vendor has disputed this as a vulnerability and states that the issue does not cause a web server crash or have any other...

9.8CVSS5.8AI score0.04412EPSS
Exploits1References2
osv
osv
added 2019/07/10 2:15 p.m.4 views

CVE-2018-14496

Vivotek FD8136 devices allow remote memory corruption and remote code execution because of a stack-based buffer overflow, related to sprintf, vlocalbuff4326, and setgetparam.cgi. NOTE: The vendor has disputed this as a vulnerability and states that the issue does not cause a web server crash or...

9.8CVSS6.6AI score0.04064EPSS
Exploits1References2
nvd
nvd
added 2019/07/10 2:15 p.m.17 views

CVE-2018-14496

Vivotek FD8136 devices allow remote memory corruption and remote code execution because of a stack-based buffer overflow, related to sprintf, vlocalbuff4326, and setgetparam.cgi. NOTE: The vendor has disputed this as a vulnerability and states that the issue does not cause a web server crash or...

9.8CVSS10AI score0.04064EPSS
Exploits1References2
prion
prion
added 2019/07/10 2:15 p.m.22 views

Stack overflow

DISPUTED Vivotek FD8136 devices allow remote memory corruption and remote code execution because of a stack-based buffer overflow, related to sprintf, vlocalbuff4326, and setgetparam.cgi. NOTE: The vendor has disputed this as a vulnerability and states that the issue does not cause a web server...

7.5CVSS9.9AI score0.04064EPSS
Exploits1References2Affected Software1
prion
prion
added 2019/07/10 2:15 p.m.14 views

Command injection

DISPUTED Vivotek FD8136 devices allow Remote Command Injection, aka "another command injection vulnerability in our target device," a different issue than CVE-2018-14494. NOTE: The vendor has disputed this as a vulnerability and states that the issue does not cause a web server crash or have any...

10CVSS9.9AI score0.04412EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2019/07/10 1:25 p.m.22 views

CVE-2018-14496

Vivotek FD8136 devices allow remote memory corruption and remote code execution because of a stack-based buffer overflow, related to sprintf, vlocalbuff4326, and setgetparam.cgi. NOTE: The vendor has disputed this as a vulnerability and states that the issue does not cause a web server crash or...

10AI score0.04064EPSS
Exploits1References2
cve
cve
added 2019/07/10 1:25 p.m.44 views

CVE-2018-14496

CVE-2018-14496 affects Vivotek FD8136 devices. The vulnerability is a stack-based buffer overflow in the web CGI endpoint “/set_getparam.cgi” related to the use of sprintf and a local buffer (vlocal_buff_4326), enabling remote memory corruption and remote code execution. Multiple sources corrobor...

9.8CVSS9.9AI score0.04064EPSS
Exploits1References2Affected Software1
cve
cve
added 2019/07/10 1:20 p.m.58 views

CVE-2018-14495

CVE-2018-14495 concerns Vivotek FD8136 devices with a reported Remote Command Injection vulnerability. Connected sources (Red Hat CVEs RH:CVE-2018-14494 and RH:CVE-2018-14495) describe a related issue and indicate vendor disputes, noting that the vulnerability is contested and may not affect curr...

10CVSS9.8AI score0.04412EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder