Vulnerabilities > Vivotek > Camera > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-01-03 CVE-2018-18244 Cross-site Scripting vulnerability in Vivotek Camera
Cross-site scripting in syslog.html in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript code via an HTTP Referer Header.
network
vivotek CWE-79
4.3
2019-01-03 CVE-2018-18005 Cross-site Scripting vulnerability in Vivotek Camera
Cross-site scripting in event_script.js in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript via a URL query string parameter.
network
vivotek CWE-79
4.3
2019-01-03 CVE-2018-18004 Missing Authorization vulnerability in Vivotek Camera
Incorrect Access Control in mod_inetd.cgi in VIVOTEK Network Camera Series products with firmware before XXXXXX-VVTK-0X09a allows remote attackers to enable arbitrary system services via a URL parameter.
network
low complexity
vivotek CWE-862
5.0
2018-09-05 CVE-2018-14769 Cross-Site Request Forgery (CSRF) vulnerability in Vivotek Camera
VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow CSRF.
network
vivotek CWE-352
6.8