PT7135 IP Camera
by Vivotek
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-1598 | 0.05 | — | 0.20 | Jan 24, 2020 | A Command Injection vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via the system.ntp parameter to the farseer.out binary file, which cold let a malicious user execute arbitrary code. | |||
| CVE-2013-1596 | 0.05 | — | 0.10 | Jan 24, 2020 | An Authentication Bypass Vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via specially crafted RTSP packets to TCP port 554. | |||
| CVE-2013-1594 | 0.05 | — | 0.07 | Jan 24, 2020 | An Information Disclosure vulnerability exists via a GET request in Vivotek PT7135 IP Camera 0300a and 0400a due to wireless keys and 3rd party credentials stored in clear text. | |||
| CVE-2013-1595 | 0.04 | — | 0.42 | Jan 24, 2020 | A Buffer Overflow vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via a specially crafted packet in the Authorization header field sent to the RTSP service, which could let a remote malicious user execute arbitrary code or cause a Denial of Service. | |||
| CVE-2019-14458 | 0.00 | — | 0.02 | Sep 18, 2019 | VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of service via a crafted HTTP header. | |||
| CVE-2019-14457 | 0.00 | — | 0.03 | Sep 10, 2019 | VIVOTEK IP Camera devices with firmware before 0x20x have a stack-based buffer overflow via a crafted HTTP header. |
- CVE-2013-1598Jan 24, 2020risk 0.05cvss —epss 0.20
A Command Injection vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via the system.ntp parameter to the farseer.out binary file, which cold let a malicious user execute arbitrary code.
- CVE-2013-1596Jan 24, 2020risk 0.05cvss —epss 0.10
An Authentication Bypass Vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via specially crafted RTSP packets to TCP port 554.
- CVE-2013-1594Jan 24, 2020risk 0.05cvss —epss 0.07
An Information Disclosure vulnerability exists via a GET request in Vivotek PT7135 IP Camera 0300a and 0400a due to wireless keys and 3rd party credentials stored in clear text.
- CVE-2013-1595Jan 24, 2020risk 0.04cvss —epss 0.42
A Buffer Overflow vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via a specially crafted packet in the Authorization header field sent to the RTSP service, which could let a remote malicious user execute arbitrary code or cause a Denial of Service.
- CVE-2019-14458Sep 18, 2019risk 0.00cvss —epss 0.02
VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of service via a crafted HTTP header.
- CVE-2019-14457Sep 10, 2019risk 0.00cvss —epss 0.03
VIVOTEK IP Camera devices with firmware before 0x20x have a stack-based buffer overflow via a crafted HTTP header.