VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 2, 2026· Updated Jun 2, 2026

CVE-2026-30649

CVE-2026-30649

Description

VIVOTEK FD8136 running firmware FD8136-VVTK-0300a has a pre-authentication buffer overflow in set_getparam.cgi, allowing remote code execution as root.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

VIVOTEK FD8136 running firmware FD8136-VVTK-0300a has a pre-authentication buffer overflow in set_getparam.cgi, allowing remote code execution as root.

Vulnerability

A pre-authentication stack buffer overflow vulnerability exists in the /cgi-bin/anonymous/setparam.cgi endpoint of VIVOTEK FD8136 devices running firmware version FD8136-VVTK-0300a. The setparam.cgi handler copies the POST body into a fixed-size stack buffer using sprintf without performing length checks, leading to a buffer overflow. [2]

Exploitation

An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted, oversized POST request to the /cgi-bin/anonymous/setparam.cgi endpoint. The overflow allows an attacker to overwrite the saved return address on the stack, redirecting control flow to execute arbitrary code. The heap is non-randomized and executable, and the binary runs as root without stack canaries, simplifying exploitation. [2]

Impact

Successful exploitation of this vulnerability allows an unauthenticated attacker to execute arbitrary commands with root privileges on the affected VIVOTEK device. [2]

Mitigation

This vulnerability affects VIVOTEK FD8136 firmware version FD8136-VVTK-0300a. A patch or updated firmware is not yet disclosed in the available references. Users are advised to consult VIVOTEK for potential fixes or workarounds. [1, 2]

References
  1. vulnerability-research/CVE-2026-30649 at main · xchg-rax-rax/vulnerability-research

AI Insight generated on Jun 2, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

Patches

0

No patches discovered yet.

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

2

News mentions

0

No linked articles in our index yet.