CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-14494

Vivotek FD8136 devices allow Remote Command Injection, related to BusyBox and wget. NOTE: the vendor sent a clarification on 2019-09-17 explaining that, although this CVE was first populated in July 2019, it is a historical vulnerability that does not apply to any current or recent Vivotek hardware or firmware

Exploit prediction scoring system (EPSS) score

EPSS Score 0.09

EPSS Ranking 92.2%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

https://www.vdalabs.com/2018/07/23/professional-iot-hacking-series-target-selection-firmware-analysis/
https://www.vdalabs.com/2018/08/06/professional-iot-hacking-series-hunting-remote-command-injection/
https://www.vdalabs.com/2018/07/23/professional-iot-hacking-series-target-selection-firmware-analysis/
https://www.vdalabs.com/2018/08/06/professional-iot-hacking-series-hunting-remote-command-injection/

Products affected by CVE-2018-14494

Vivotek » Fd8136 » Version: N/A

cpe:2.3:h:vivotek:fd8136:-
Vivotek » Fd8136 Firmware » Version: 0301a

cpe:2.3:o:vivotek:fd8136_firmware:0301a

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-14494

Products

Pricing

Contact Us