VYPR
Unrated severityNVD Advisory· Published May 28, 2020· Updated Aug 4, 2024

CVE-2020-11949

CVE-2020-11949

Description

testserver.cgi of the web service on VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to obtain arbitrary files from a camera's local filesystem. For example, this affects IT9388-HT devices.

Affected products

2
  • VIVOTEK/Network Camerasdescription
  • Vivotek/IT9388-HTllm-create
    Range: before XXXXX-VVTK-2.2002.xx.01x

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.