本页列出影响 vivotek camera 的已公开 CVE 漏洞(通过 NVD CPE 关联)。每行包含严重程度评分、摘要与发布日期,便于识别与分析安全问题。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2019-14458 | VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of service via a crafted HTTP header. | [email protected] | 7.5 | 1.92% | 2019-09-18 | 2026-06-16 |
| CVE-2019-10256 | An authentication bypass vulnerability in VIVOTEK IPCam versions prior to 0x13a was found. | [email protected] | 9.8 | 1.26% | 2019-09-10 | 2026-06-16 |
| CVE-2019-14457 | VIVOTEK IP Camera devices with firmware before 0x20x have a stack-based buffer overflow via a crafted HTTP header. | [email protected] | 9.8 | 2.65% | 2019-09-10 | 2026-06-16 |
| CVE-2018-18244 | Cross-site scripting in syslog.html in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript code via an HTTP Referer Header. | [email protected] | 6.1 | 0.80% | 2019-01-03 | 2026-06-16 |
| CVE-2018-18005 | Cross-site scripting in event_script.js in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript via a URL query string parameter. | [email protected] | 6.1 | 0.80% | 2019-01-03 | 2026-06-16 |
| CVE-2018-18004 | Incorrect Access Control in mod_inetd.cgi in VIVOTEK Network Camera Series products with firmware before XXXXXX-VVTK-0X09a allows remote attackers to enable arbitrary system services via a URL parameter. | [email protected] | 5.3 | 0.93% | 2019-01-03 | 2026-06-16 |
| CVE-2018-14771 | VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 2 of 2) via eventscript.cgi. | [email protected] | 8.8 | 2.98% | 2018-09-05 | 2026-06-16 |
| CVE-2018-14770 | VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 1 of 2) via the ONVIF interface, (/onvif/device_service). | [email protected] | 8.8 | 2.98% | 2018-09-05 | 2026-06-16 |
| CVE-2018-14769 | VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow CSRF. | [email protected] | 8.8 | 0.47% | 2018-09-05 | 2026-06-16 |
| CVE-2018-14768 | Various VIVOTEK FD8*, FD9*, FE9*, IB8*, IB9*, IP9*, IZ9*, MS9*, SD9*, and other devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code. | [email protected] | 8.8 | 2.95% | 2018-08-29 | 2026-06-16 |