CVE Catalog

CVE-2026-30649

HighCVSS 7.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.38%

30th percentile - higher than 30% of all known CVEs

Summary

A buffer overflow vulnerability in VIVOTEK FD8136-VVTK-0300a camera allows a remote attacker to execute arbitrary code via the set_getparam.cgi component.

Risk Assessment

An attacker can remotely take control of the camera, leading to a breach of confidentiality and integrity of the monitored environment.

Recommendation

Immediately update the camera firmware to the latest version and restrict access to the management interface to trusted networks only.

Original NVD description (English source)

Buffer Overflow vulnerability in VIVOTEK INC FD8136-VVTK-0300a allows a remote attacker to execute arbitrary code via the set_getparam.cgi component

Vulnerability data from NVD (NIST) · CISA KEV · EPSS