VYPR
Unrated severityNVD Advisory· Published Oct 23, 2025· Updated Oct 23, 2025

XSS vulnerability in Vilar VS-IPC1002 IP cameras

CVE-2025-53701

Description

Vilar VS-IPC1002 IP cameras are vulnerable to Reflected XSS (Cross-site Scripting) attacks, because parameters in GET requests sent to /cgi-bin/action endpoint are not sanitized properly, making it possible to target logged in admin users. The vendor did not respond in any way. Only version 1.1.0.18 was tested, other versions might be vulnerable as well.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Vilar/VS-IPC1002llm-fuzzy2 versions
    <=1.1.0.18? (1.1.0.18 tested, others might be vulnerable)+ 1 more
    • (no CPE)range: <=1.1.0.18? (1.1.0.18 tested, others might be vulnerable)
    • (no CPE)range: 1.1.0.18

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.