Vulnerability Description
VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to upload and execute a script (with resultant execution of OS commands). For example, this affects IT9388-HT devices.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vivotek | Cc9381-Hv Firmware | <= 0222g |
| Vivotek | Cc9381-Hv | - |
| Vivotek | Fd9360-H Firmware | <= 0222g |
| Vivotek | Fd9360-H | - |
| Vivotek | Fd9368-Htv Firmware | <= 0222g |
| Vivotek | Fd9368-Htv | - |
| Vivotek | Fd9380-H Firmware | <= 0222g |
| Vivotek | Fd9380-H | - |
| Vivotek | Fd9388-Htv Firmware | <= 0222g |
| Vivotek | Fd9388-Htv | - |
| Vivotek | Ib9360-H Firmware | <= 0222g |
| Vivotek | Ib9360-H | - |
| Vivotek | Ib9368-Ht Firmware | <= 0222g |
| Vivotek | Ib9368-Ht | - |
| Vivotek | Ib9380-H Firmware | <= 0222g |
| Vivotek | Ib9380-H | - |
| Vivotek | Ib9388-Ht Firmware | <= 0222g |
| Vivotek | Ib9388-Ht | - |
| Vivotek | It9360-H Firmware | <= 0222g |
| Vivotek | It9360-H | - |
Related Weaknesses (CWE)
References
- http://download.vivotek.com/downloadfile/support/cyber-security/vvtk-sa-2020-001Vendor Advisory
- http://download.vivotek.com/downloadfile/support/cyber-security/vvtk-sa-2020-001Vendor Advisory
FAQ
What is CVE-2020-11950?
CVE-2020-11950 is a vulnerability with a CVSS score of 8.8 (HIGH). VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to upload and execute a script (with resultant execution of OS commands). For e...
How severe is CVE-2020-11950?
CVE-2020-11950 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-11950?
Check the references section above for vendor advisories and patch information. Affected products include: Vivotek Cc9381-Hv Firmware, Vivotek Cc9381-Hv, Vivotek Fd9360-H Firmware, Vivotek Fd9360-H, Vivotek Fd9368-Htv Firmware.