CVE-2024-26548

2024-02-2900:00:00

mitre

www.cve.org

cve-2024-26548

remote attacker

arbitrary code execution

upload file component

7.7 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

An issue in vivotek Network Camera v.FD8166A-VVTK-0204j allows a remote attacker to execute arbitrary code via a crafted payload to the upload_file.cgi component.

References

github.com/cwh031600/vivotek/blob/main/vivotek-FD8166A-uploadfile-dos/vivotek-FD8166A-uploadfile-analysis.md