VIVOTEK.Network.Cameras.Remote.Code.Execution
Description
This indicates an attack attempt to exploit an Remote Code Execution Vulnerability in VIVOTEK Network Cameras.
The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted HTTP request. An attacker can exploit this to execute remote command on the context of the target system via a crafted HTTP request.
Affected Products
VIVOTEK Network Camera with firmware IB8369-VVTK-0102A
VIVOTEK Network Camera with firmware FD8164-VVTK-0200B
VIVOTEK Network Camera with firmware FD816BA-VVTK-010101
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Refer to the vendor's advisory for updates:
http://download.vivotek.com/downloadfile/support/cyber-security/vivotek-cyber-security-announcement-20170707.pdf
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |