First published: Wed Jul 10 2019(Updated: )
** DISPUTED ** Vivotek FD8136 devices allow Remote Command Injection, aka "another command injection vulnerability in our target device," a different issue than CVE-2018-14494. NOTE: The vendor has disputed this as a vulnerability and states that the issue does not cause a web server crash or have any other affect on it's performance.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Vivotek Fd8136 Firmware | =0301a | |
Vivotek FD8136 | ||
All of | ||
Vivotek Fd8136 Firmware | =0301a | |
Vivotek FD8136 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-14495 is a vulnerability that allows remote command injection in Vivotek FD8136 devices.
The severity of CVE-2018-14495 is critical with a score of 9.8.
CVE-2018-14495 allows remote command injection in Vivotek FD8136 devices.
There is currently no fix available for CVE-2018-14495. Consider applying security patches or updates from the vendor if they become available.
You can find more information about CVE-2018-14495 at the following references: [link1](https://www.vdalabs.com/2018/07/23/professional-iot-hacking-series-target-selection-firmware-analysis/) and [link2](https://www.vdalabs.com/2018/08/06/professional-iot-hacking-series-hunting-remote-command-injection/)