Vivotek ND9424P NVR

Platform Information https://www.vivotek.com/nd9424p#specifications
Search Engine Search on Google
End of Sales -
End of Support -
Wired Connection Yes
Wireless Connection -
Fingerprinting Source HTTPS NIC VENDOR
Added at May 14, 2019
Manufacturer Name Vivotek INC
Homepage http://www.vivotek.com
Headquarters Taiwan
Business Status Ongoing
Acquisition Company Delta Energy Systems, Inc more info
Acquisition Company Homepage http://www.deltaenergysystems.com

Platform’s Common Vulnerabilities and Exposures (CVE)
CVE-ID
Severity v3.0
Severity v2.0
Description
No records found.
Manufacturer’s Common Vulnerabilities and Exposures (CVE)
CVE-ID
Severity v3.0
Severity v2.0
Description
CVE-2018-14496
07/10/2019
CRITICAL
HIGH
Vivotek FD8136 devices allow remote memory corruption and remote code execution because of a stack-based buffer overflow, related to sprintf, vlocal_buff_4326, and set_getparam.cgi.
CVE-2018-14495
07/10/2019
CRITICAL
HIGH
Vivotek FD8136 devices allow Remote Command Injection, aka "another command injection vulnerability in our target device," a different issue than CVE-2018-14494.
CVE-2018-14494
07/10/2019
CRITICAL
HIGH
Vivotek FD8136 devices allow Remote Command Injection, related to BusyBox and wget.
CVE-2018-18244
01/03/2019
MEDIUM
MEDIUM
Cross-site scripting in syslog.html in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript code via an HTTP Referer Header.
CVE-2018-18005
01/03/2019
MEDIUM
MEDIUM
Cross-site scripting in event_script.js in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript via a URL query string parameter.