Vulnerabilities > Vivotek > Network Camera Fd8164 Firmware

DATE CVE VULNERABILITY TITLE RISK
2017-06-23 CVE-2017-9829 Path Traversal vulnerability in Vivotek products
'/cgi-bin/admin/downloadMedias.cgi' of the web service in most of the VIVOTEK Network Cameras is vulnerable, which allows remote attackers to read any file on the camera's Linux filesystem via a crafted HTTP request containing ".." sequences.
network
low complexity
vivotek CWE-22
7.5
2017-06-23 CVE-2017-9828 OS Command Injection vulnerability in Vivotek products
'/cgi-bin/admin/testserver.cgi' of the web service in most of the VIVOTEK Network Cameras is vulnerable to shell command injection, which allows remote attackers to execute any shell command as root via a crafted HTTP request.
network
low complexity
vivotek CWE-78
critical
9.8