Shodan
Vulnerabilities
Vulnerable Software
Vivotek:  Security Vulnerabilities
CVE-2020-11949
testserver.cgi of the web service on VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to obtain arbitrary files from a camera's local filesystem. For example, this affects IT9388-HT devices.
CVSS Score
6.5
EPSS Score
0.003
Published
2020-05-28
CVE-2020-11950
VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to upload and execute a script (with resultant execution of OS commands). For example, this affects IT9388-HT devices.
CVSS Score
8.8
EPSS Score
0.015
Published
2020-05-28
CVE-2013-1597
A Directory Traversal vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via a specially crafted GET request, which could let a malicious user obtain user credentials.
CVSS Score
6.5
EPSS Score
0.104
Published
2020-01-24
CVE-2013-1598
A Command Injection vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via the system.ntp parameter to the farseer.out binary file, which cold let a malicious user execute arbitrary code.
CVSS Score
8.8
EPSS Score
0.311
Published
2020-01-24
CVE-2013-1595
A Buffer Overflow vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via a specially crafted packet in the Authorization header field sent to the RTSP service, which could let a remote malicious user execute arbitrary code or cause a Denial of Service.
CVSS Score
9.8
EPSS Score
0.039
Published
2020-01-24
CVE-2013-1596
An Authentication Bypass Vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via specially crafted RTSP packets to TCP port 554.
CVSS Score
5.3
EPSS Score
0.234
Published
2020-01-24
CVE-2013-1594
An Information Disclosure vulnerability exists via a GET request in Vivotek PT7135 IP Camera 0300a and 0400a due to wireless keys and 3rd party credentials stored in clear text.
CVSS Score
7.5
EPSS Score
0.224
Published
2020-01-24
CVE-2013-4985
Multiple Vivotek IP Cameras remote authentication bypass that could allow access to the video stream
CVSS Score
7.5
EPSS Score
0.088
Published
2019-12-27
CVE-2019-14458
VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of service via a crafted HTTP header.
CVSS Score
7.5
EPSS Score
0.006
Published
2019-09-18
CVE-2019-10256
An authentication bypass vulnerability in VIVOTEK IPCam versions prior to 0x13a was found.
CVSS Score
9.8
EPSS Score
0.006
Published
2019-09-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved