![]() ![]() ** DISPUTED ** Vivotek FD8136 devices allow Remote Command Injection, related to BusyBox and wget. NOTE: The vendor has disputed this as a vulnerability and states that the issue does not cause a web server crash or have any other affect on it's performance. ** DISPUTED ** Vivotek FD8136 devices allow Remote Command Injection, aka "another command injection vulnerability in our target device," a different issue than CVE-2018-14494. ** DISPUTED ** Vivotek FD8136 devices allow remote memory corruption and remote code execution because of a stack-based buffer overflow, related to sprintf, vlocal_buff_4326, and set_getparam.cgi. Various VIVOTEK FD8*, FD9*, FE9*, IB8*, IB9*, IP9*, IZ9*, MS9*, SD9*, and other devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code. VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow CSRF. VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 1 of 2) via the ONVIF interface, (/onvif/device_service). VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 2 of 2) via eventscript.cgi. Incorrect Access Control in mod_inetd.cgi in VIVOTEK Network Camera Series products with firmware before XXXXXX-VVTK-0X09a allows remote attackers to enable arbitrary system services via a URL parameter. ![]() VIVOTEK IP Camera devices with firmware before 0x20x have a stack-based buffer overflow via a crafted HTTP header.Īn authentication bypass vulnerability in VIVOTEK IPCam versions prior to 0x13a was found.Ĭross-site scripting in syslog.html in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript code via an HTTP Referer Header.Ĭross-site scripting in event_script.js in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript via a URL query string parameter. VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of service via a crafted HTTP header. For example, this affects IT9388-HT devices. Testserver.cgi of the web service on VIVOTEK Network Cameras before .01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to obtain arbitrary files from a camera's local filesystem. ![]() → Click here for the "Vivotek Comparison Charts" which makes it easier to make your choice.VIVOTEK Network Cameras before .01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to upload and execute a script (with resultant execution of OS commands). Vivotek camera's work perfectly with NAS solutions from Synology, AVTECH or Qnap. The cameras are easily accessed via the embedded Web server, live images can be recorded in MPEG4 on the local hard disk. E-mails on alarm, activation of a digital input or motion detection is standard on all models. Many Vivotek models have an SD card slot on which images can be stored locally on an SD card. Most models are IP66 classified and are also equipped with waterproof RJ45 connectors. All cameras are supplied with wall bracket and mounting hardware. On the design of the camera is very well thought, most Vivotek models are making use of Power-Over-Ethernet (PoE) but can also make use of a standard adapter. Vivotek has a complete line of cameras from simple entry-level to advanced security solutions, some available with 2 and 3 megapixel resolution. You can easily manage the connected cameras via a web browser or Vivotek surveillance software. Individually effective and reliable solutions. Vivotek Inc specializes in network cameras, IP cameras, video servers, video receivers, NVR, and IP surveillance. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |