VYPR

VS-IPC1002

by Vilar

CVEs (2)

  • CVE-2025-53701Oct 23, 2025
    risk 0.00cvss epss 0.00

    Vilar VS-IPC1002 IP cameras are vulnerable to Reflected XSS (Cross-site Scripting) attacks, because parameters in GET requests sent to /cgi-bin/action endpoint are not sanitized properly, making it possible to target logged in admin users. The vendor did not respond in any way.…

  • CVE-2025-53702Oct 23, 2025
    risk 0.00cvss epss 0.00

    Vilar VS-IPC1002 IP cameras are vulnerable to DoS (Denial-of-Service) attacks. An unauthenticated attacker on the same local network might send a crafted request to /cgi-bin/action endpoint and render the device completely unresponsive. A manual restart of the device is…