Vulnerabilities > Vivotek > Camera

DATE CVE VULNERABILITY TITLE RISK
2019-09-18 CVE-2019-14458 Unspecified vulnerability in Vivotek Camera
VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of service via a crafted HTTP header.
network
low complexity
vivotek
7.8
2019-09-10 CVE-2019-10256 Unspecified vulnerability in Vivotek Camera
An authentication bypass vulnerability in VIVOTEK IPCam versions prior to 0x13a was found.
network
low complexity
vivotek
7.5
2019-09-10 CVE-2019-14457 Classic Buffer Overflow vulnerability in Vivotek Camera
VIVOTEK IP Camera devices with firmware before 0x20x have a stack-based buffer overflow via a crafted HTTP header.
network
low complexity
vivotek CWE-120
7.5
2019-01-03 CVE-2018-18244 Cross-site Scripting vulnerability in Vivotek Camera
Cross-site scripting in syslog.html in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript code via an HTTP Referer Header.
network
vivotek CWE-79
4.3
2019-01-03 CVE-2018-18005 Cross-site Scripting vulnerability in Vivotek Camera
Cross-site scripting in event_script.js in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript via a URL query string parameter.
network
vivotek CWE-79
4.3
2019-01-03 CVE-2018-18004 Missing Authorization vulnerability in Vivotek Camera
Incorrect Access Control in mod_inetd.cgi in VIVOTEK Network Camera Series products with firmware before XXXXXX-VVTK-0X09a allows remote attackers to enable arbitrary system services via a URL parameter.
network
low complexity
vivotek CWE-862
5.0
2018-09-05 CVE-2018-14771 Unspecified vulnerability in Vivotek Camera
VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 2 of 2) via eventscript.cgi.
network
low complexity
vivotek
critical
9.0
2018-09-05 CVE-2018-14770 Unspecified vulnerability in Vivotek Camera
VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 1 of 2) via the ONVIF interface, (/onvif/device_service).
network
low complexity
vivotek
critical
9.0
2018-09-05 CVE-2018-14769 Cross-Site Request Forgery (CSRF) vulnerability in Vivotek Camera
VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow CSRF.
network
vivotek CWE-352
6.8
2018-08-29 CVE-2018-14768 Unspecified vulnerability in Vivotek Camera
Various VIVOTEK FD8*, FD9*, FE9*, IB8*, IB9*, IP9*, IZ9*, MS9*, SD9*, and other devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code.
network
low complexity
vivotek
critical
9.0