Cross-Site Request Forgery Vulnerability in VIVOTEK FD8177 Devices
CVE-2018-14769

8.8HIGH

Key Information:

Vendor: Vivotek
Status: Camera
Vendor: CVE Published:; 5 September 2018

What is CVE-2018-14769?

VIVOTEK FD8177 devices, prior to a specific firmware version, are susceptible to Cross-Site Request Forgery attacks. This vulnerability permits an attacker to execute unauthorized commands on the FD8177 device without the user's consent, potentially compromising the system's integrity. Users are encouraged to update their devices to the latest firmware to mitigate this risk. Detailed information regarding the security advisory can be found in the provided documentation.

References

http://download.vivotek.com/downloadfile/support/cyber-se...

x_refsource_CONFIRM

https://www.vivotek.com/website/support/cybersecurity

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 5, 2018
Vulnerability Reserved
Jul 31, 2018

Vivotek

What is CVE-2018-14769?

References

CVSS V3.1

Timeline