Vivotek : Security Vulnerabilities, CVEs, (Overflow)
VIVOTEK IP Camera devices with firmware before 0x20x have a stack-based buffer overflow via a crafted HTTP header.
Max CVSS
9.8
EPSS Score
0.36%
Published
2019-09-10
Updated
2021-07-21
Vivotek FD8136 devices allow remote memory corruption and remote code execution because of a stack-based buffer overflow, related to sprintf, vlocal_buff_4326, and set_getparam.cgi. NOTE: The vendor has disputed this as a vulnerability and states that the issue does not cause a web server crash or have any other affect on it's performance
Max CVSS
9.8
EPSS Score
7.45%
Published
2019-07-10
Updated
2024-03-21
A Buffer Overflow vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via a specially crafted packet in the Authorization header field sent to the RTSP service, which could let a remote malicious user execute arbitrary code or cause a Denial of Service.
Max CVSS
9.8
EPSS Score
7.74%
Published
2020-01-24
Updated
2020-01-27
Stack-based buffer overflow in VATDecoder.VatCtrl.1 ActiveX control in (1) 4xem VatCtrl Class (VATDecoder.dll 1.0.0.27 and 1.0.0.51), (2) D-Link MPEG4 SHM Audio Control (VAPGDecoder.dll 1.7.0.5), (3) Vivotek RTSP MPEG4 SP Control (RtspVapgDecoderNew.dll 2.0.0.39), and possibly other products, allows remote attackers to execute arbitrary code via a long Url property. NOTE: some of these details are obtained from third party information.
Max CVSS
9.3
EPSS Score
26.56%
Published
2008-10-28
Updated
2017-09-29
Stack-based buffer overflow in the Vivotek Motion Jpeg ActiveX control (aka MjpegControl) in MjpegDecoder.dll 2.0.0.13 allows remote attackers to execute arbitrary code via a long PtzUrl property value.
Max CVSS
7.6
EPSS Score
6.41%
Published
2007-06-11
Updated
2017-10-11
5 vulnerabilities found