Skip to main content
CVE-2017-9828 CRITICAL Emergency

'/cgi-bin/admin/testserver.cgi' of the web service in most of the VIVOTEK Network Cameras is vulnerable to shell command injection, which allows remote attackers to execute any shell command as root. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 58.3% and no vendor patch available.

Command Injection Network Camera Ib8369 Firmware Network Camera Fd8164 Firmware Network Camera Fd816Ba Firmware
NVD
CVSS 3.0
9.8
EPSS
58.3%
CVE-2017-9772 CRITICAL Act Now

Insufficient sanitisation in the OCaml compiler versions 4.04.0 and 4.04.1 allows external code to be executed with raised privilege in binaries marked as setuid, by setting the CAML_CPLUGINS,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ocaml
NVD
CVSS 3.0
9.8
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy