Vivotek Fd8136 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Vivotek Fd8136 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2018-14494 — CVSS 9.8 (critical): Vivotek FD8136 devices allow Remote Command Injection, related to BusyBox and wget. NOTE: the vendor sent a clarification on 2019-09-17…
CVE-2018-14496 — CVSS 9.8 (critical): Vivotek FD8136 devices allow remote memory corruption and remote code execution because of a stack-based buffer overflow, related to…
CVE-2026-30650 — CVSS 8.8 (high): A post-authentication remote buffer overflow vulnerability exists in the /cgi-bin/admin/eventtask.cgi endpoint of the admin interface of…
CVE-2026-30652 — CVSS 8.8 (high): A remote buffer overflow vulnerability exists in the /cgi-bin/dido/setdo.cgi endpoint of the admin interface of Vivotek FD8136 cameras…
CVE-2026-30649 — CVSS 7.3 (high): Buffer Overflow vulnerability in VIVOTEK INC FD8136-VVTK-0300a allows a remote attacker to execute arbitrary code via the set_getparam.cgi…
CVE-2026-35718 — CVSS 6.5 (medium): A path traversal vulnerability in the /admin/downloadMedias.cgi endpoint of VIVOTEK INC FD8136-VVTK firmware 0300a allows authenticated…
CVE-2026-35716 — CVSS 6.3 (medium): A stack-based buffer overflow in the motion_privacy.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote…
CVE-2026-35717 — CVSS 6.3 (medium): A stack-based buffer overflow in the export_language.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote…