Vivotek ND9424P NVR

Platform Information https://www.vivotek.com/nd9424p#specifications
Search Engine Search on Google
End of Sales -
End of Support -
Wired Connection Yes
Wireless Connection -
Fingerprinting Source HTTPS NIC VENDOR
Added at May 14, 2019
Manufacturer Name Vivotek INC
Homepage http://www.vivotek.com
Headquarters Taiwan
Business Status Ongoing

Platform’s Common Vulnerabilities and Exposures (CVE)
CVE-ID
Severity v3.0
Severity v2.0
Description
No records found.
Manufacturer’s Common Vulnerabilities and Exposures (CVE)
CVE-ID
Severity v3.0
Severity v2.0
Description
CVE-2018-18244
01/03/2019
MEDIUM
MEDIUM
Cross-site scripting in syslog.html in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript code via an HTTP Referer Header.
CVE-2018-18005
01/03/2019
MEDIUM
MEDIUM
Cross-site scripting in event_script.js in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript via a URL query string parameter.
CVE-2018-18004
01/03/2019
MEDIUM
MEDIUM
Incorrect Access Control in mod_inetd.cgi in VIVOTEK Network Camera Series products with firmware before XXXXXX-VVTK-0X09a allows remote attackers to enable arbitrary system services via a URL parameter.
CVE-2018-14771
09/05/2018
HIGH
HIGH
VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 2 of 2) via eventscript.cgi.
CVE-2018-14770
09/05/2018
HIGH
HIGH
VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 1 of 2) via the ONVIF interface, (/onvif/device_service).