Unrated severityNVD Advisory· Published Oct 23, 2025· Updated Oct 23, 2025

XSS vulnerability in Vilar VS-IPC1002 IP cameras

CVE-2025-53701

Description

Vilar VS-IPC1002 IP cameras are vulnerable to Reflected XSS (Cross-site Scripting) attacks, because parameters in GET requests sent to /cgi-bin/action endpoint are not sanitized properly, making it possible to target logged in admin users. The vendor did not respond in any way. Only version 1.1.0.18 was tested, other versions might be vulnerable as well.

Affected products

Vilar/VS-IPC1002llm-fuzzy
Range: <=1.1.0.18? (1.1.0.18 tested, others might be vulnerable)
Vilar/VS-IPC1002v5
Range: 1.1.0.18

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cert.pl/en/posts/2025/10/CVE-2025-53701mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000