Product:

Camera

(Vivotek)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 10
Date Id Summary Products Score Patch Annotated
2019-09-10 CVE-2019-14457 VIVOTEK IP Camera devices with firmware before 0x20x have a stack-based buffer overflow via a crafted HTTP header. Camera 9.8
2019-01-03 CVE-2018-18004 Incorrect Access Control in mod_inetd.cgi in VIVOTEK Network Camera Series products with firmware before XXXXXX-VVTK-0X09a allows remote attackers to enable arbitrary system services via a URL parameter. Camera 5.3
2018-09-05 CVE-2018-14771 VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 2 of 2) via eventscript.cgi. Camera 8.8
2018-09-05 CVE-2018-14770 VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 1 of 2) via the ONVIF interface, (/onvif/device_service). Camera 8.8
2018-08-29 CVE-2018-14768 Various VIVOTEK FD8*, FD9*, FE9*, IB8*, IB9*, IP9*, IZ9*, MS9*, SD9*, and other devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code. Camera 8.8
2019-09-18 CVE-2019-14458 VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of service via a crafted HTTP header. Camera N/A
2019-09-10 CVE-2019-10256 An authentication bypass vulnerability in VIVOTEK IPCam versions prior to 0x13a was found. Camera N/A
2019-01-03 CVE-2018-18244 Cross-site scripting in syslog.html in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript code via an HTTP Referer Header. Camera 6.1
2019-01-03 CVE-2018-18005 Cross-site scripting in event_script.js in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript via a URL query string parameter. Camera 6.1
2018-09-05 CVE-2018-14769 VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow CSRF. Camera 8.8