Vulnerabilities > Vivotek > Pt7135 Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-01-24 CVE-2013-1598 OS Command Injection vulnerability in Vivotek Pt7135 Firmware 0300A/0400A
A Command Injection vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via the system.ntp parameter to the farseer.out binary file, which cold let a malicious user execute arbitrary code.
network
low complexity
vivotek CWE-78
8.8
2020-01-24 CVE-2013-1597 Path Traversal vulnerability in Vivotek Pt7135 Firmware 0300A/0400A
A Directory Traversal vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via a specially crafted GET request, which could let a malicious user obtain user credentials.
network
low complexity
vivotek CWE-22
6.5
2020-01-24 CVE-2013-1596 Improper Authentication vulnerability in Vivotek Pt7135 Firmware 0300A/0400A
An Authentication Bypass Vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via specially crafted RTSP packets to TCP port 554.
network
low complexity
vivotek CWE-287
5.3
2020-01-24 CVE-2013-1595 Classic Buffer Overflow vulnerability in Vivotek Pt7135 Firmware 0300A/0400A
A Buffer Overflow vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via a specially crafted packet in the Authorization header field sent to the RTSP service, which could let a remote malicious user execute arbitrary code or cause a Denial of Service.
network
low complexity
vivotek CWE-120
critical
9.8
2020-01-24 CVE-2013-1594 Information Exposure vulnerability in Vivotek Pt7135 Firmware 0300A/0400A
An Information Disclosure vulnerability exists via a GET request in Vivotek PT7135 IP Camera 0300a and 0400a due to wireless keys and 3rd party credentials stored in clear text.
network
low complexity
vivotek CWE-200
7.5