Skip to main content

Vivotek FD8136 CVE-2026-30650

| EUVDEUVD-2026-33967 HIGH
Classic Buffer Overflow (CWE-120)
2026-06-02 mitre GHSA-pxcx-h7gm-pxc9
8.8
CVSS 3.1 · Vendor: mitre
Share

Severity by source

Vendor (mitre) PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from Vendor (mitre) · only source for this CVE.

CVSS VectorVendor: mitre

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Jun 03, 2026 - 16:22 vuln.today
CVSS changed
Jun 03, 2026 - 16:22 NVD
8.8 (HIGH)
CVE Published
Jun 02, 2026 - 00:00 nvd
UNKNOWN (no severity yet)

DescriptionCVE.org

A post-authentication remote buffer overflow vulnerability exists in the /cgi-bin/admin/eventtask.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firmware version FD8136-VVTK-0300a. This flaw allows an authenticated attacker to execute arbitrary code as root on the device remotely.

AnalysisAI

Remote code execution in Vivotek FD8136 IP cameras running firmware FD8136-VVTK-0300a allows authenticated attackers to gain root-level command execution by triggering a buffer overflow in the /cgi-bin/admin/eventtask.cgi admin endpoint. Publicly available exploit code exists in a GitHub research repository, though EPSS scoring (0.09%, 25th percentile) suggests low observed exploitation activity and the CVE is not listed in CISA KEV.

Technical ContextAI

The flaw is a classic CWE-120 buffer copy without checking input size, residing in a CGI binary (eventtask.cgi) that handles event-task configuration within the camera's web administration interface. Vivotek FD8136 is a fixed-dome network surveillance camera that exposes a Linux-based embedded web server; CGI binaries on such devices typically run as root, which directly explains the high-impact outcome. Because the vulnerable code path lives in the admin CGI handler, exploitation requires interacting with the authenticated admin web interface over HTTP(S), and the unbounded copy almost certainly corrupts the stack of the CGI process, enabling control-flow hijack on a platform that usually lacks modern mitigations (ASLR/NX/stack canaries) common in embedded firmware of this generation.

RemediationAI

No vendor-released patch identified at time of analysis - neither the NVD entry nor the EUVD record cites a fixed firmware version, and the only vendor reference is the generic Vivotek homepage. Operators should check Vivotek's product support pages for a firmware update superseding FD8136-VVTK-0300a and apply it once published. In the interim, restrict reachability of the admin interface by placing cameras on a segmented management VLAN, blocking inbound access to /cgi-bin/admin/* from untrusted networks via an upstream reverse proxy or firewall ACL, and enforcing strong, unique admin credentials (since the bug is post-authentication, credential hygiene materially raises the bar). Disabling remote admin access entirely and managing the camera only from a jump host is the most robust compensating control; the trade-off is loss of remote configuration convenience. Researchers have published technical details at https://github.com/xchg-rax-rax/vulnerability-research/tree/main/CVE-2026-30650, which defenders can use to build IDS/WAF signatures for oversized parameters to eventtask.cgi.

More in N A

View all
CVE-2026-31072 CRITICAL POC
9.8 May 19

Remote code execution in APScheduler (all versions through 3.10.x and 4.0.0a5) is achievable when applications deseriali

CVE-2026-36356 CRITICAL POC
9.1 May 05

Unauthenticated remote OS command injection in MeiG Smart FORGE_SLT711 cellular gateway firmware MDM9607.LE.1.0-00110-ST

CVE-2026-31071 CRITICAL POC
9.1 May 19

Unauthenticated API access in LalanaChami Pharmacy Management System (commit 5c3d028) allows remote attackers to dump al

CVE-2025-66391 HIGH POC
8.8 Jun 17

In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of a workflow for write o

CVE-2026-26740 HIGH POC
8.2 Mar 18

Giflib 5.2.2 contains a buffer overflow in the EGifGCBToExtension function that fails to validate allocated memory when

CVE-2025-60464 HIGH POC
7.8 Jun 25

Denial of service in GPAC's MP4Box multimedia tool (versions before 26.02.0) arises from a use-after-free in the gf_sei_

CVE-2026-36355 HIGH POC
7.7 May 05

Arbitrary kernel memory read/write in Realtek rtl819x Jungle SDK Wi-Fi driver allows local unprivileged attackers to acc

CVE-2025-60474 HIGH POC
7.5 Jun 24

Denial of service in GPAC's MP4Box/libgpac media importer (versions before 26.02.0) lets an attacker crash the tool by s

CVE-2026-38639 HIGH POC
7.5 Jun 26

An issue in the parse_month function (/time/strptime.rs) of relibc commit ab6a2e allows attackers to cause a Denial of S

CVE-2026-38641 HIGH POC
7.5 Jun 26

Denial of service in relibc (the Redox OS C standard library) at commit 61f42d allows attackers to crash a process by ge

CVE-2026-38637 HIGH POC
7.5 Jun 25

An issue in the pthread_rwlockattr_setpshared() function of relibc commit 61f42d allows attackers to cause a Denial of S

CVE-2026-38640 HIGH POC
7.5 Jun 25

Denial of service in relibc (the Redox OS C standard library implementation, commit 61f42d) lets attackers crash a proce

Share

CVE-2026-30650 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy