Lucene search
+L
VivotekIp7137 Firmware

4 matches found

CVE
CVE
added 2026/01/09 11:53 a.m.31 views

CVE-2025-66049

Affected product: Vivotek IP7137 camera with firmware 0200a. Vulnerabilities: (1) information disclosure via RTSP on port 8554 without authentication, exposing live feed; (2) command injection via /cgi-bin/admin/setparam.cgi with parameter system_ntpIt, exploitable by an admin user; (3) path trav...

8.7CVSS5.9AI score0.00366EPSS
CVE
CVE
added 2026/01/09 11:54 a.m.30 views

CVE-2025-66052

The CVE-2025-66052 entry concerns the Vivotek IP7137 camera with firmware 0200a. The vulnerability is a command injection in /cgi-bin/admin/setparam.cgi via the non-sanitized system_ntpIt parameter, exploitable by a user with administrative privileges. The issue is compounded by CVE-2025-66050, w...

8.6CVSS6.6AI score0.01329EPSS
Web
CVE
CVE
added 2026/01/09 11:54 a.m.18 views

CVE-2025-66051

CVE-2025-66051 affects the Vivotek IP7137 camera running firmware 0200a. A path traversal flaw allows an authenticated attacker to access resources outside the webroot via a direct HTTP request. The issue is linked to end-of-life status of the product and there is no expected fix. The vulnerabili...

6.9CVSS6.4AI score0.0071EPSS
CVE
CVE
added 2026/01/09 11:53 a.m.15 views

CVE-2025-66050

CVE-2025-66050 (Vivotek IP7137, firmware 0200a) is linked to multiple issues: path traversal (CVE-2025-66051), information disclosure via RTSP without authentication (CVE-2025-66049), and command injection through /cgi-bin/admin/setparam.cgi (CVE-2025-66052). All references indicate default admin...

9.8CVSS6.5AI score0.00334EPSS