Vulnerabilities > Vivotek
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-24 | CVE-2013-1595 | Classic Buffer Overflow vulnerability in Vivotek Pt7135 Firmware 0300A/0400A A Buffer Overflow vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via a specially crafted packet in the Authorization header field sent to the RTSP service, which could let a remote malicious user execute arbitrary code or cause a Denial of Service. | 9.8 |
| 2020-01-24 | CVE-2013-1594 | Information Exposure vulnerability in Vivotek Pt7135 Firmware 0300A/0400A An Information Disclosure vulnerability exists via a GET request in Vivotek PT7135 IP Camera 0300a and 0400a due to wireless keys and 3rd party credentials stored in clear text. | 7.5 |
| 2019-12-27 | CVE-2013-4985 | Incorrect Authorization vulnerability in Vivotek Ip7160 Firmware, Ip7361 Firmware and Ip8332 Firmware Multiple Vivotek IP Cameras remote authentication bypass that could allow access to the video stream | 7.5 |
| 2019-09-18 | CVE-2019-14458 | Unspecified vulnerability in Vivotek Camera VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of service via a crafted HTTP header. | 7.5 |
| 2019-09-10 | CVE-2019-10256 | Unspecified vulnerability in Vivotek Camera An authentication bypass vulnerability in VIVOTEK IPCam versions prior to 0x13a was found. | 9.8 |
| 2019-09-10 | CVE-2019-14457 | Out-of-bounds Write vulnerability in Vivotek Camera VIVOTEK IP Camera devices with firmware before 0x20x have a stack-based buffer overflow via a crafted HTTP header. | 9.8 |
| 2019-07-10 | CVE-2018-14496 | Out-of-bounds Write vulnerability in Vivotek Fd8136 Firmware 0301A Vivotek FD8136 devices allow remote memory corruption and remote code execution because of a stack-based buffer overflow, related to sprintf, vlocal_buff_4326, and set_getparam.cgi. | 9.8 |
| 2019-07-10 | CVE-2018-14495 | OS Command Injection vulnerability in Vivotek Fd8136 Firmware 0301A Vivotek FD8136 devices allow Remote Command Injection, aka "another command injection vulnerability in our target device," a different issue than CVE-2018-14494. | 9.8 |
| 2019-07-10 | CVE-2018-14494 | OS Command Injection vulnerability in Vivotek Fd8136 Firmware 0301A Vivotek FD8136 devices allow Remote Command Injection, related to BusyBox and wget. | 9.8 |
| 2019-01-03 | CVE-2018-18244 | Cross-site Scripting vulnerability in Vivotek Camera Cross-site scripting in syslog.html in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript code via an HTTP Referer Header. | 6.1 |