15 matches found
EUVD-2018-6657
Malware in sbrugna...
Code injection
VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code issue 2 of 2 via eventscript.cgi...
CVE-2018-14770
VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code issue 1 of 2 via the ONVIF interface, /onvif/deviceservice...
CVE-2018-14769
VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow CSRF...
Code injection
VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code issue 1 of 2 via the ONVIF interface, /onvif/deviceservice...
CVE-2018-14771
VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code issue 2 of 2 via eventscript.cgi...
Cross site request forgery (csrf)
VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow CSRF...
CVE-2018-14771
CVE-2018-14771 affects VIVOTEK FD8177 network cameras prior to XXXXXX-VVTK-xx06a. The issue is a command-injection vulnerability in eventscript.cgi that enables remote code execution. CVSS v3 base score 8.8 (High) with network access, low attack complexity, and no user interaction; impacts confid...
CVE-2018-14769
CVE-2018-14769 affects VIVOTEK FD8177 devices prior to the firmware version XXXXXX-VVTK-xx06a, where a CSRF vulnerability exists. The NVD entry shows a CVSS-3 base score of 8.8 (HIGH) with network attack vector, low attack complexity, no privileges required, and user interaction required; impact ...
CVE-2018-14771
VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code issue 2 of 2 via eventscript.cgi...
CVE-2018-14769
VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow CSRF...
CVE-2018-14770
VIVOTEK FD8177 network cameras are affected by CVE-2018-14770 via the ONVIF interface, specifically the /onvif/device_service endpoint. The root cause is described as a command injection vulnerability that can allow remote attackers to execute arbitrary code. The issue affects FD8177 devices prio...
CVE-2018-14770
VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code issue 1 of 2 via the ONVIF interface, /onvif/deviceservice...
VIVOTEK FD8177 Command Injection Vulnerability
VIVOTEK FD8177 is a network camera product from VIVOTEK. A command injection vulnerability exists in versions prior to VIVOTEK FD8177 XXXXXX-VVTK-xx06a, which can be exploited by remote attackers to execute arbitrary code via the eventscript.cgi file...
VIVOTEK FD8177 Command Injection Vulnerability (CNVD-2019-06203)
VIVOTEK FD8177 is a network camera product from VIVOTEK. A command injection vulnerability exists in previous versions of VIVOTEK FD8177 XXXXXX-VVTK-xx06a, which can be exploited by remote attackers to execute arbitrary code via the ONVIF interface...