Vulnerabilities > Vivotek > Fd8136 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-07-10 CVE-2018-14495 OS Command Injection vulnerability in Vivotek Fd8136 Firmware 0301A
Vivotek FD8136 devices allow Remote Command Injection, aka "another command injection vulnerability in our target device," a different issue than CVE-2018-14494.
network
low complexity
vivotek CWE-78
critical
9.8
2019-07-10 CVE-2018-14496 Out-of-bounds Write vulnerability in Vivotek Fd8136 Firmware 0301A
Vivotek FD8136 devices allow remote memory corruption and remote code execution because of a stack-based buffer overflow, related to sprintf, vlocal_buff_4326, and set_getparam.cgi.
network
low complexity
vivotek CWE-787
critical
9.8
2019-07-10 CVE-2018-14494 OS Command Injection vulnerability in Vivotek Fd8136 Firmware 0301A
Vivotek FD8136 devices allow Remote Command Injection, related to BusyBox and wget.
network
low complexity
vivotek CWE-78
critical
9.8