7 matches found
CVE-2026-35718
A path traversal vulnerability in the /admin/downloadMedias.cgi endpoint of VIVOTEK INC FD8136-VVTK firmware 0300a allows authenticated attackers to read any file on the device via sending a crafted request...
CVE-2026-35718
A path traversal vulnerability in the /admin/downloadMedias.cgi endpoint of VIVOTEK INC FD8136-VVTK firmware 0300a allows authenticated attackers to read any file on the device via sending a crafted request...
CVE-2026-35717
A stack-based buffer overflow in the exportlanguage.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers to execute arbitrary code as root via a crafted POST request to the /cgi-bin/admin/exportlanguage.cgi endpoint. The handler passes the...
CVE-2026-35718
Summary: CVE-2026-35718 is a path traversal vulnerability in the /admin/downloadMedias.cgi endpoint of VIVOTEK FD8136-VVTK firmware 0300a. Affected component: firmware running on VIVOTEK FD8136-VVTK. Root cause: crafted requests allow traversal to read arbitrary files due to improper input handli...
CVE-2026-35718
A path traversal vulnerability in the /admin/downloadMedias.cgi endpoint of VIVOTEK INC FD8136-VVTK firmware 0300a allows authenticated attackers to read any file on the device via sending a crafted request...
Command Injection in Vivotek Legacy Firmware: What You Need to Know
...
Vivotek IP Cameras - RTSP Authentication Bypass
Vivotek IP Cameras - RTSP Authentication Bypass Core Security - Corelabs Advisory http://corelabs.coresecurity.com Vivotek IP Cameras RTSP Authentication Bypass 1. Advisory Information Title: Vivotek IP Cameras RTSP Authentication Bypass Advisory ID: CORE-2013-0704 Advisory URL:...