An issue in vivotek Network Camera v.FD8166A-VVTK-0204j allows a remote attacker to execute arbitrary code via a crafted payload to the upload_file.cgi component.
CVSS Score
9.8
EPSS Score
0.011
Published
2024-02-29
VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of service via a crafted HTTP header.
CVSS Score
7.5
EPSS Score
0.006
Published
2019-09-18
An authentication bypass vulnerability in VIVOTEK IPCam versions prior to 0x13a was found.
CVSS Score
9.8
EPSS Score
0.006
Published
2019-09-10
VIVOTEK IP Camera devices with firmware before 0x20x have a stack-based buffer overflow via a crafted HTTP header.
CVSS Score
9.8
EPSS Score
0.007
Published
2019-09-10
Incorrect Access Control in mod_inetd.cgi in VIVOTEK Network Camera Series products with firmware before XXXXXX-VVTK-0X09a allows remote attackers to enable arbitrary system services via a URL parameter.
CVSS Score
5.3
EPSS Score
0.002
Published
2019-01-03
Cross-site scripting in event_script.js in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript via a URL query string parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-01-03
Cross-site scripting in syslog.html in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript code via an HTTP Referer Header.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-01-03
VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow CSRF.
CVSS Score
8.8
EPSS Score
0.002
Published
2018-09-05
VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 1 of 2) via the ONVIF interface, (/onvif/device_service).
CVSS Score
8.8
EPSS Score
0.035
Published
2018-09-05
VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 2 of 2) via eventscript.cgi.
CVSS Score
8.8
EPSS Score
0.035
Published
2018-09-05
Page 1