Stack-based Buffer Overflow in Vivotek FD8136 Devices Allows Remote Code Execution

Stack-based Buffer Overflow in Vivotek FD8136 Devices Allows Remote Code Execution

CVE-2018-14496 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Vivotek FD8136 devices allow remote memory corruption and remote code execution because of a stack-based buffer overflow, related to sprintf, vlocal_buff_4326, and set_getparam.cgi. NOTE: The vendor has disputed this as a vulnerability and states that the issue does not cause a web server crash or have any other affect on it's performance

Learn more about our Web App Pen Testing.