Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2020-11949
HistoryMay 28, 2020 - 1:15 p.m.

CVE-2020-11949

2020-05-2813:15:11
[email protected]
web.nvd.nist.gov
117
vivotek
network cameras
testserver.cgi
vulnerability
it9388-ht
cve-2020-11949
nvd

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.5%

JSON

testserver.cgi of the web service on VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to obtain arbitrary files from a camera’s local filesystem. For example, this affects IT9388-HT devices.

Affected configurations

NVD
Node
vivotekcc9381-hv_firmwareRange0222g
AND
vivotekcc9381-hvMatch-
Node
vivotekfd9360-h_firmwareRange0222g
AND
vivotekfd9360-hMatch-
Node
vivotekfd9368-htv_firmwareRange0222g
AND
vivotekfd9368-htvMatch-
Node
vivotekfd9380-h_firmwareRange0222g
AND
vivotekfd9380-hMatch-
Node
vivotekfd9388-htv_firmwareRange0222g
AND
vivotekfd9388-htvMatch-
Node
vivotekib9360-h_firmwareRange0222g
AND
vivotekib9360-hMatch-
Node
vivotekib9368-ht_firmwareRange0222g
AND
vivotekib9368-htMatch-
Node
vivotekib9380-h_firmwareRange0222g
AND
vivotekib9380-hMatch-
Node
vivotekib9388-ht_firmwareRange0222g
AND
vivotekib9388-htMatch-
Node
vivotekit9360-h_firmwareRange0222g
AND
vivotekit9360-hMatch-
Node
vivotekit9380-h_firmwareRange0222g
AND
vivotekit9380-hMatch-
Node
vivotekit9388-ht_firmwareRange0222g
AND
vivotekit9388-htMatch-
Node
vivotekmd9560-dh_firmwareRange0222g
AND
vivotekmd9560-dhMatch-
Node
vivotekmd9560-h_firmwareRange0222g
AND
vivotekmd9560-hMatch-
Node
vivotekfd9366-hv_firmwareRange0222g
AND
vivotekfd9366-hvMatch-
Node
vivotekfd9166-hn_firmwareRange0222g
AND
vivotekfd9166-hnMatch-
Node
vivotekfe9380-hv_firmwareRange0222k
AND
vivotekfe9380-hvMatch-
Node
vivotekcc8160_firmwareRange0113b
AND
vivotekcc8160Match-
Node
vivotekcc8160\(hs\)_firmwareRange0113b
AND
vivotekcc8160\(hs\)Match-
Node
vivotekcc8370-hv_firmwareRange0213b
AND
vivotekcc8370-hvMatch-
Node
vivotekcc8371-hv_firmwareRange0113b
AND
vivotekcc8371-hvMatch-
Node
vivotekcd8371-hntv_firmwareRange0113b
AND
vivotekcd8371-hntvMatch-
Node
vivotekcd8371-hnvf2_firmwareRange0113b
AND
vivotekcd8371-hnvf2Match-
Node
vivotekfd8166a_firmwareRange0213b
AND
vivotekfd8166aMatch-
Node
vivotekfd8166a-n_firmwareRange0113b
AND
vivotekfd8166a-nMatch-
Node
vivotekfd8167a_firmwareRange0213b
AND
vivotekfd8167aMatch-
Node
vivotekfd8169a_firmwareRange0213b
AND
vivotekfd8169aMatch-
Node
vivotekfd8367a-v_firmwareRange0213b
AND
vivotekfd8367a-vMatch-
Node
vivotekfd8369a-v_firmwareRange0213b
AND
vivotekfd8369a-vMatch-
Node
vivotekfd816ba-hf2_firmwareRange0113b
AND
vivotekfd816ba-hf2Match-
Node
vivotekfd836ba-hvf2_firmwareRange0113b
AND
vivotekfd836ba-hvf2Match-
Node
vivotekfd836ba-htv_firmwareRange0113b
AND
vivotekfd836ba-htvMatch-
Node
vivotekfd836ba-ehvf2_firmwareRange0113b
AND
vivotekfd836ba-ehvf2Match-
Node
vivotekfd816ba-ht_firmwareRange0113b
AND
vivotekfd816ba-htMatch-
Node
vivotekfd836ba-ehtv_firmwareRange0113b
AND
vivotekfd836ba-ehtvMatch-
Node
vivotekib836ba-ehf3_firmwareRange0113b
AND
vivotekib836ba-ehf3Match-
Node
vivotekib836ba-eht_firmwareRange0113b
AND
vivotekib836ba-ehtMatch-
Node
vivotekib836ba-hf3_firmwareRange0113b
AND
vivotekib836ba-hf3Match-
Node
vivotekib836ba-ht_firmwareRange0113b
AND
vivotekib836ba-htMatch-
Node
vivotekfd816b-hf2_firmwareRange0113b
AND
vivotekfd816b-hf2Match-
Node
vivotekfd816b-ht_firmwareRange0113b
AND
vivotekfd816b-htMatch-
Node
vivotekfd836b-ehtv_firmwareRange0113b
AND
vivotekfd836b-ehtvMatch-
Node
vivotekfd836b-ehvf2_firmwareRange0113b
AND
vivotekfd836b-ehvf2Match-
Node
vivotekfd836b-htv_firmwareRange0113b
AND
vivotekfd836b-htvMatch-
Node
vivotekfd836b-hvf2_firmwareRange0113b
AND
vivotekfd836b-hvf2Match-
Node
vivotekib836b-ehf3_firmwareRange0113b
AND
vivotekib836b-ehf3Match-
Node
vivotekib836b-eht_firmwareRange0113b
AND
vivotekib836b-ehtMatch-
Node
vivotekib836b-hf3_firmwareRange0113b
AND
vivotekib836b-hf3Match-
Node
vivotekib836b-hrf3_firmwareRange0113b
AND
vivotekib836b-hrf3Match-
Node
vivotekib836b-ht_firmwareRange0113b
AND
vivotekib836b-htMatch-
Node
vivotekfd816ca-hf2_firmwareRange0113b
AND
vivotekfd816ca-hf2Match-
Node
vivotekfd816c-hf2_firmwareRange0213b
AND
vivotekfd816c-hf2Match-
Node
vivotekfd8182-f1_firmwareRange0113b
AND
vivotekfd8182-f1Match-
Node
vivotekfd8182-f2_firmwareRange0113b
AND
vivotekfd8182-f2Match-
Node
vivotekfd8182-t_firmwareRange0113b
AND
vivotekfd8182-tMatch-
Node
vivotekfd8382-etv_firmwareRange0113b
AND
vivotekfd8382-etvMatch-
Node
vivotekfd8382-evf2_firmwareRange0113b
AND
vivotekfd8382-evf2Match-
Node
vivotekfd8382-tv_firmwareRange0113b
AND
vivotekfd8382-tvMatch-
Node
vivotekfd8382-vf2_firmwareRange0113b
AND
vivotekfd8382-vf2Match-
Node
vivotekib8382-ef3_firmwareRange0113b
AND
vivotekib8382-ef3Match-
Node
vivotekib8382-et_firmwareRange0113b
AND
vivotekib8382-etMatch-
Node
vivotekib8382-f3_firmwareRange0213b
AND
vivotekib8382-f3Match-
Node
vivotekib8382-t_firmwareRange0113b
AND
vivotekib8382-tMatch-
Node
vivotekfd8366-v_firmwareRange0113b
AND
vivotekfd8366-vMatch-
Node
vivotekib8367a_firmwareRange0213b
AND
vivotekib8367aMatch-
Node
vivotekib8369a_firmwareRange0213b
AND
vivotekib8369aMatch-
Node
vivotekip8166_firmwareRange0213b
AND
vivotekip8166Match-
Node
vivotekmd8563-deh_firmwareRange0113b
AND
vivotekmd8563-dehMatch-
Node
vivotekmd8563-eh_firmwareRange0113b
AND
vivotekmd8563-ehMatch-
Node
vivotekmd8564-eh_firmwareRange0113b
AND
vivotekmd8564-ehMatch-
Node
vivotekmd8565-n_firmwareRange0113b
AND
vivotekmd8565-nMatch-
Node
vivotekvc8101_firmwareRange0113b
AND
vivotekvc8101Match-
Node
vivotekvs8100-v2_firmwareRange0113b
AND
vivotekvs8100-v2Match-
Node
vivotekip8160_firmwareRange0113a
AND
vivotekip8160Match-
Node
vivotekip8160-w_firmwareRange0113a
AND
vivotekip8160-wMatch-
Node
vivotekib8360_firmwareRange0113a
AND
vivotekib8360Match-
Node
vivotekib8360-w_firmwareRange0113a
AND
vivotekib8360-wMatch-
Node
vivotekip9171-hp_firmwareRange0113b
AND
vivotekip9171-hpMatch-
Node
vivotekip9181-h_firmwareRange0113b
AND
vivotekip9181-hMatch-
Node
vivotekfd9371-ehtv_firmwareRange0113b
AND
vivotekfd9371-ehtvMatch-
Node
vivotekfd9381-ehtv_firmwareRange0113b
AND
vivotekfd9381-ehtvMatch-
Node
vivotekib9371-eht_firmwareRange0113b
AND
vivotekib9371-ehtMatch-
Node
vivotekib9381-eht_firmwareRange0113b
AND
vivotekib9381-ehtMatch-
Node
vivotekfd9171-ht_firmwareRange0113b
AND
vivotekfd9171-htMatch-
Node
vivotekfd9181-ht_firmwareRange0113b
AND
vivotekfd9181-htMatch-
Node
vivotekfe9181-h_firmwareRange0113b
AND
vivotekfe9181-hMatch-
Node
vivotekfe9182-h_firmwareRange0113b
AND
vivotekfe9182-hMatch-
Node
vivotekfe9381-ehv_firmwareRange0113b
AND
vivotekfe9381-ehvMatch-
Node
vivotekfe9382-ehv_firmwareRange0113b
AND
vivotekfe9382-ehvMatch-
Node
vivotekfe9180-h_firmwareRange0113b
AND
vivotekfe9180-hMatch-
Node
vivotekfe9582-ehnv_firmwareRange0113b
AND
vivotekfe9582-ehnvMatch-
Node
vivoteksd9161-h_firmwareRange0114a
AND
vivoteksd9161-hMatch-
Node
vivoteksd9361-ehl_firmwareRange0114a
AND
vivoteksd9361-ehlMatch-
Node
vivoteksd9362-ehl_firmwareRange0114a
AND
vivoteksd9362-ehlMatch-
Node
vivoteksd9362-eh_firmwareRange0114a
AND
vivoteksd9362-ehMatch-
Node
vivoteksd9363-ehl_firmwareRange0114a
AND
vivoteksd9363-ehlMatch-
Node
vivoteksd9364-eh_firmwareRange0114a
AND
vivoteksd9364-ehMatch-
Node
vivoteksd9364-ehl_firmwareRange0114a
AND
vivoteksd9364-ehlMatch-
Node
vivoteksd9363-ehl-v2_firmwareRange0114a
AND
vivoteksd9363-ehl-v2Match-
Node
vivoteksd9364-ehl-v2_firmwareRange0114a
AND
vivoteksd9364-ehl-v2Match-
Node
vivoteksd9362-eh-v2_firmwareRange0104j
AND
vivoteksd9362-eh-v2Match-
Node
vivoteksd9364-eh-v2_firmwareRange0104j
AND
vivoteksd9364-eh-v2Match-
Node
vivoteksd9366-eh-v2_firmwareRange0104j
AND
vivoteksd9366-eh-v2Match-
Node
vivoteksd9366-ehl_firmwareRange0114a
AND
vivoteksd9366-ehlMatch-
Node
vivoteksd9366-eh_firmwareRange0114a
AND
vivoteksd9366-ehMatch-
Node
vivoteksd9365-ehl_firmwareRange0114a
AND
vivoteksd9365-ehlMatch-
Node
vivotekiz9361-eh_firmwareRange0114a
AND
vivotekiz9361-ehMatch-
Node
vivotekfd9187-h_firmwareRange0121d
AND
vivotekfd9187-hMatch-
Node
vivotekfd9187-ht_firmwareRange0121d
AND
vivotekfd9187-htMatch-
Node
vivotekfd9387-ehtv_firmwareRange0121d
AND
vivotekfd9387-ehtvMatch-
Node
vivotekfd9387-ehv_firmwareRange0121d
AND
vivotekfd9387-ehvMatch-
Node
vivotekfd9387-htv_firmwareRange0121d
AND
vivotekfd9387-htvMatch-
Node
vivotekfd9387-hv_firmwareRange0121d
AND
vivotekfd9387-hvMatch-
Node
vivotekib9387-eh_firmwareRange0121d
AND
vivotekib9387-ehMatch-
Node
vivotekib9387-eht_firmwareRange0121d
AND
vivotekib9387-ehtMatch-
Node
vivotekib9387-h_firmwareRange0121d
AND
vivotekib9387-hMatch-
Node
vivotekib9387-ht_firmwareRange0121d
AND
vivotekib9387-htMatch-
Node
vivotekfd9189-h_firmwareRange0121d
AND
vivotekfd9189-hMatch-
Node
vivotekfd9189-hm_firmwareRange0121d
AND
vivotekfd9189-hmMatch-
Node
vivotekfd9189-ht_firmwareRange0121d
AND
vivotekfd9189-htMatch-
Node
vivotekfd9389-hvMatch-
AND
vivotekfd9389-hv_firmwareRange0121d
Node
vivotekfd9389-hmvMatch-
AND
vivotekfd9389-hmv_firmwareRange0121d
Node
vivotekfd9389-htvMatch-
AND
vivotekfd9389-htv_firmwareRange0121d
Node
vivotekfd9389-ehmvMatch-
AND
vivotekfd9389-ehmv_firmwareRange0121d
Node
vivotekfd9389-ehtvMatch-
AND
vivotekfd9389-ehtv_firmwareRange0121d
Node
vivotekfd9389-ehvMatch-
AND
vivotekfd9389-ehv_firmwareRange0121d
Node
vivotekib9389-ehMatch-
AND
vivotekib9389-eh_firmwareRange0121d
Node
vivotekib9389-ehmMatch-
AND
vivotekib9389-ehm_firmwareRange0121d
Node
vivotekib9389-eht_firmwareRange0121d
AND
vivotekib9389-ehtMatch-
Node
vivotekib9389-h_firmwareRange0121d
AND
vivotekib9389-hMatch-
Node
vivotekib9389-hm_firmwareRange0121d
AND
vivotekib9389-hmMatch-
Node
vivotekib9389-ht_firmwareRange0121d
AND
vivotekib9389-htMatch-
Node
vivotekfd9165-ht_firmwareRange0121d
AND
vivotekfd9165-htMatch-
Node
vivotekfd9365-ehtv_firmwareRange0121d
AND
vivotekfd9365-ehtvMatch-
Node
vivotekfd9365-htv_firmwareRange0121d
AND
vivotekfd9365-htvMatch-
Node
vivotekfd9365-htvl_firmwareRange0121d
AND
vivotekfd9365-htvlMatch-
Node
vivotekib9365-ht_firmwareRange0121d
AND
vivotekib9365-htMatch-
Node
vivotekib9365-eht_firmwareRange0121d
AND
vivotekib9365-ehtMatch-
Node
vivotekip9165-hp_firmwareRange0121d
AND
vivotekip9165-hpMatch-
Node
vivotekip9165-ht_firmwareRange0121d
AND
vivotekip9165-htMatch-
Node
vivotekip9165-lpc_firmwareRange0121d
AND
vivotekip9165-lpcMatch-
Node
vivotekfd9391-ehtv_firmwareRange0121d
AND
vivotekfd9391-ehtvMatch-
Node
vivotekfe9191_firmwareRange0124c
AND
vivotekfe9191Match-
Node
vivotekip9191-hp_firmwareRange0121d
AND
vivotekip9191-hpMatch-
Node
vivotekip9191-ht_firmwareRange0121d
AND
vivotekip9191-htMatch-
Node
vivotekfe9391-ev_firmwareRange0124c
AND
vivotekfe9391-evMatch-
Node
vivotekib9391-eht_firmwareRange0121d
AND
vivotekib9391-ehtMatch-
Node
vivotekip9172-lpc\(freeway\)_firmwareRange0121d
AND
vivotekip9172-lpc\(freeway\)Match-
Node
vivotekit9389-h_firmwareRange0121d
AND
vivotekit9389-hMatch-
Node
vivotekit9389-ht_firmwareRange0121d
AND
vivotekit9389-htMatch-
Node
vivotekmd9561-h_firmwareRange0121d
AND
vivotekmd9561-hMatch-
Node
vivotekmd9581-h_firmwareRange0121d
AND
vivotekmd9581-hMatch-
Node
vivotekms9390-hv_firmwareRange0121d
AND
vivotekms9390-hvMatch-
Node
vivotektb9330-e_firmwareRange0121d
AND
vivotektb9330-eMatch-
Node
vivotektb9331-e_firmwareRange0121d
AND
vivotektb9331-eMatch-
Node
vivoteksd9374-ehl_firmwareRange0123b
AND
vivoteksd9374-ehlMatch-
Node
vivotekfd9167-h_firmwareRange0113b
AND
vivotekfd9167-hMatch-
Node
vivotekfd9167-ht_firmwareRange0113b
AND
vivotekfd9167-htMatch-
Node
vivotekfd9367-ehtv_firmwareRange0113b
AND
vivotekfd9367-ehtvMatch-
Node
vivotekfd9367-htv_firmwareRange0113b
AND
vivotekfd9367-htvMatch-
Node
vivotekfd9367-hv_firmwareRange0113b
AND
vivotekfd9367-hvMatch-
Node
vivotekfd9367-htv\(epoc\)_firmwareMatch-
AND
vivotekfd9367-htv\(epoc\)Match-
Node
vivotekib9367-eh_firmwareRange0113b
AND
vivotekib9367-ehMatch-
Node
vivotekib9367-eht_firmwareRange0113b
AND
vivotekib9367-ehtMatch-
Node
vivotekib9367-h_firmwareRange0113b
AND
vivotekib9367-hMatch-
Node
vivotekib9367-ht_firmwareRange0113b
AND
vivotekib9367-htMatch-
Node
vivotekip9167-hp_firmwareRange0113b
AND
vivotekip9167-hpMatch-
Node
vivotekip9167-ht_firmwareRange0113b
AND
vivotekip9167-htMatch-
Node
vivotekma9321-ehtv_firmwareRange0113a
AND
vivotekma9321-ehtvMatch-
Node
vivotekms9321-ehv_firmwareRange0100i
AND
vivotekms9321-ehvMatch-
Node
vivotekma9322-ehtv_firmwareRange0114c
AND
vivotekma9322-ehtvMatch-
Node
vivotekfd8177-h_firmwareRange0113b
AND
vivotekfd8177-hMatch-
Node
vivotekfd8377-hv_firmwareRange0113b
AND
vivotekfd8377-hvMatch-
Node
vivotekfd8177-ht_firmwareRange0113b
AND
vivotekfd8177-htMatch-
Node
vivotekfd8377-ehtv_firmwareRange0113b
AND
vivotekfd8377-ehtvMatch-
Node
vivotekfd8377-htv_firmwareRange0113b
AND
vivotekfd8377-htvMatch-
Node
vivotekfd8179-h_firmwareRange0113b
AND
vivotekfd8179-hMatch-
Node
vivotekfd8379-hv_firmwareRange0113b
AND
vivotekfd8379-hvMatch-
Node
vivotekib8377-h_firmwareRange0113b
AND
vivotekib8377-hMatch-
Node
vivotekib8377-ht_firmwareRange0113b
AND
vivotekib8377-htMatch-
Node
vivotekib8377-eht_firmwareRange0113b
AND
vivotekib8377-ehtMatch-
Node
vivotekfd9165-ht-a_firmwareRange0100m
AND
vivotekfd9165-ht-aMatch-
Node
vivotekfd9365-htv-a_firmwareRange0100m
AND
vivotekfd9365-htv-aMatch-
Node
vivotekfd9365-ehtv-a_firmwareRange0100m
AND
vivotekfd9365-ehtv-aMatch-
Node
vivotekfd9187-ht-a_firmwareRange0100m
AND
vivotekfd9187-ht-aMatch-
Node
vivotekfd9387-htv-a_firmwareRange0100m
AND
vivotekfd9387-htv-aMatch-
Node
vivotekfd9387-ehtv-a_firmwareRange0100m
AND
vivotekfd9387-ehtv-aMatch-
Node
vivotekib9365-eht-a_firmwareRange0100m
AND
vivotekib9365-eht-aMatch-
Node
vivotekib9365-ht-a_firmwareRange0100m
AND
vivotekib9365-ht-aMatch-
Node
vivotekib9387-eht-a_firmwareRange0100m
AND
vivotekib9387-eht-aMatch-
Node
vivotekib9387-ht-a_firmwareRange0100m
AND
vivotekib9387-ht-aMatch-
Node
vivotekip9164-ht_firmwareRange0100m
AND
vivotekip9164-htMatch-
Node
vivotekip9164-lpc_firmwareRange0100m
AND
vivotekip9164-lpcMatch-
Node
vivotekip9165-lpc\(i-cs_kit\)_firmwareRange0113d
AND
vivotekip9165-lpc\(i-cs_kit\)Match-

Related

cvelist 1
nvd 1
prion 1
cvelist
cvelist
CVE-2020-11949
2020-05-28 12:43:32
nvd
nvd
CVE-2020-11949
2020-05-28 13:15:11
prion
prion
Code injection
2020-05-28 13:15:00

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.5%

JSON
Related for CVE-2020-11949
cvelist1nvd1prion1