Arbitrary System Service Activation Vulnerability in VIVOTEK Network Camera Series

Arbitrary System Service Activation Vulnerability in VIVOTEK Network Camera Series

CVE-2018-18004 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

Incorrect Access Control in mod_inetd.cgi in VIVOTEK Network Camera Series products with firmware before XXXXXX-VVTK-0X09a allows remote attackers to enable arbitrary system services via a URL parameter.

Learn more about our Network Penetration Testing.