Vulnerability Details CVE-2026-35718
A path traversal vulnerability in the /admin/downloadMedias.cgi endpoint of VIVOTEK INC FD8136-VVTK firmware 0300a allows authenticated attackers to read any file on the device via sending a crafted request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.6%
CVSS Severity
CVSS v3 Score 6.5
References
Products affected by CVE-2026-35718
-
cpe:2.3:h:vivotek:fd8136:-
-
cpe:2.3:o:vivotek:fd8136_firmware:0300a