CVE-2020-11949

testserver.cgi of the web service on VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to obtain arbitrary files from a camera's local filesystem. For example, this affects IT9388-HT devices.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 55%
VendorProductVersion
vivotekcc9381-hv_firmware
𝑥
≤ 0222g
vivotekfd9360-h_firmware
𝑥
≤ 0222g
vivotekfd9368-htv_firmware
𝑥
≤ 0222g
vivotekfd9380-h_firmware
𝑥
≤ 0222g
vivotekfd9388-htv_firmware
𝑥
≤ 0222g
vivotekib9360-h_firmware
𝑥
≤ 0222g
vivotekib9368-ht_firmware
𝑥
≤ 0222g
vivotekib9380-h_firmware
𝑥
≤ 0222g
vivotekib9388-ht_firmware
𝑥
≤ 0222g
vivotekit9360-h_firmware
𝑥
≤ 0222g
vivotekit9380-h_firmware
𝑥
≤ 0222g
vivotekit9388-ht_firmware
𝑥
≤ 0222g
vivotekmd9560-dh_firmware
𝑥
≤ 0222g
vivotekmd9560-h_firmware
𝑥
≤ 0222g
vivotekfd9366-hv_firmware
𝑥
≤ 0222g
vivotekfd9166-hn_firmware
𝑥
≤ 0222g
vivotekfe9380-hv_firmware
𝑥
≤ 0222k
vivotekcc8160_firmware
𝑥
≤ 0113b
vivotekcc8160\(hs\)_firmware
𝑥
≤ 0113b
vivotekcc8370-hv_firmware
𝑥
≤ 0213b
vivotekcc8371-hv_firmware
𝑥
≤ 0113b
vivotekcd8371-hntv_firmware
𝑥
≤ 0113b
vivotekcd8371-hnvf2_firmware
𝑥
≤ 0113b
vivotekfd8166a_firmware
𝑥
≤ 0213b
vivotekfd8166a-n_firmware
𝑥
≤ 0113b
vivotekfd8167a_firmware
𝑥
≤ 0213b
vivotekfd8169a_firmware
𝑥
≤ 0213b
vivotekfd8367a-v_firmware
𝑥
≤ 0213b
vivotekfd8369a-v_firmware
𝑥
≤ 0213b
vivotekfd816ba-hf2_firmware
𝑥
≤ 0113b
vivotekfd836ba-hvf2_firmware
𝑥
≤ 0113b
vivotekfd836ba-htv_firmware
𝑥
≤ 0113b
vivotekfd836ba-ehvf2_firmware
𝑥
≤ 0113b
vivotekfd816ba-ht_firmware
𝑥
≤ 0113b
vivotekfd836ba-ehtv_firmware
𝑥
≤ 0113b
vivotekib836ba-ehf3_firmware
𝑥
≤ 0113b
vivotekib836ba-eht_firmware
𝑥
≤ 0113b
vivotekib836ba-hf3_firmware
𝑥
≤ 0113b
vivotekib836ba-ht_firmware
𝑥
≤ 0113b
vivotekfd816b-hf2_firmware
𝑥
≤ 0113b
vivotekfd816b-ht_firmware
𝑥
≤ 0113b
vivotekfd836b-ehtv_firmware
𝑥
≤ 0113b
vivotekfd836b-ehvf2_firmware
𝑥
≤ 0113b
vivotekfd836b-htv_firmware
𝑥
≤ 0113b
vivotekfd836b-hvf2_firmware
𝑥
≤ 0113b
vivotekib836b-ehf3_firmware
𝑥
≤ 0113b
vivotekib836b-eht_firmware
𝑥
≤ 0113b
vivotekib836b-hf3_firmware
𝑥
≤ 0113b
vivotekib836b-hrf3_firmware
𝑥
≤ 0113b
vivotekib836b-ht_firmware
𝑥
≤ 0113b
vivotekfd816ca-hf2_firmware
𝑥
≤ 0113b
vivotekfd816c-hf2_firmware
𝑥
≤ 0213b
vivotekfd8182-f1_firmware
𝑥
≤ 0113b
vivotekfd8182-f2_firmware
𝑥
≤ 0113b
vivotekfd8182-t_firmware
𝑥
≤ 0113b
vivotekfd8382-etv_firmware
𝑥
≤ 0113b
vivotekfd8382-evf2_firmware
𝑥
≤ 0113b
vivotekfd8382-tv_firmware
𝑥
≤ 0113b
vivotekfd8382-vf2_firmware
𝑥
≤ 0113b
vivotekib8382-ef3_firmware
𝑥
≤ 0113b
vivotekib8382-et_firmware
𝑥
≤ 0113b
vivotekib8382-f3_firmware
𝑥
≤ 0213b
vivotekib8382-t_firmware
𝑥
≤ 0113b
vivotekfd8366-v_firmware
𝑥
≤ 0113b
vivotekib8367a_firmware
𝑥
≤ 0213b
vivotekib8369a_firmware
𝑥
≤ 0213b
vivotekip8166_firmware
𝑥
≤ 0213b
vivotekmd8563-deh_firmware
𝑥
≤ 0113b
vivotekmd8563-eh_firmware
𝑥
≤ 0113b
vivotekmd8564-eh_firmware
𝑥
≤ 0113b
vivotekmd8565-n_firmware
𝑥
≤ 0113b
vivotekvc8101_firmware
𝑥
≤ 0113b
vivotekvs8100-v2_firmware
𝑥
≤ 0113b
vivotekip8160_firmware
𝑥
≤ 0113a
vivotekip8160-w_firmware
𝑥
≤ 0113a
vivotekib8360_firmware
𝑥
≤ 0113a
vivotekib8360-w_firmware
𝑥
≤ 0113a
vivotekip9171-hp_firmware
𝑥
≤ 0113b
vivotekip9181-h_firmware
𝑥
≤ 0113b
vivotekfd9371-ehtv_firmware
𝑥
≤ 0113b
vivotekfd9381-ehtv_firmware
𝑥
≤ 0113b
vivotekib9371-eht_firmware
𝑥
≤ 0113b
vivotekib9381-eht_firmware
𝑥
≤ 0113b
vivotekfd9171-ht_firmware
𝑥
≤ 0113b
vivotekfd9181-ht_firmware
𝑥
≤ 0113b
vivotekfe9181-h_firmware
𝑥
≤ 0113b
vivotekfe9182-h_firmware
𝑥
≤ 0113b
vivotekfe9381-ehv_firmware
𝑥
≤ 0113b
vivotekfe9382-ehv_firmware
𝑥
≤ 0113b
vivotekfe9180-h_firmware
𝑥
≤ 0113b
vivotekfe9582-ehnv_firmware
𝑥
≤ 0113b
vivoteksd9161-h_firmware
𝑥
≤ 0114a
vivoteksd9361-ehl_firmware
𝑥
≤ 0114a
vivoteksd9362-ehl_firmware
𝑥
≤ 0114a
vivoteksd9362-eh_firmware
𝑥
≤ 0114a
vivoteksd9363-ehl_firmware
𝑥
≤ 0114a
vivoteksd9364-eh_firmware
𝑥
≤ 0114a
vivoteksd9364-ehl_firmware
𝑥
≤ 0114a
vivoteksd9363-ehl-v2_firmware
𝑥
≤ 0114a
vivoteksd9364-ehl-v2_firmware
𝑥
≤ 0114a
vivoteksd9362-eh-v2_firmware
𝑥
≤ 0104j
vivoteksd9364-eh-v2_firmware
𝑥
≤ 0104j
vivoteksd9366-eh-v2_firmware
𝑥
≤ 0104j
vivoteksd9366-ehl_firmware
𝑥
≤ 0114a
vivoteksd9366-eh_firmware
𝑥
≤ 0114a
vivoteksd9365-ehl_firmware
𝑥
≤ 0114a
vivotekiz9361-eh_firmware
𝑥
≤ 0114a
vivotekfd9187-h_firmware
𝑥
≤ 0121d
vivotekfd9187-ht_firmware
𝑥
≤ 0121d
vivotekfd9387-ehtv_firmware
𝑥
≤ 0121d
vivotekfd9387-ehv_firmware
𝑥
≤ 0121d
vivotekfd9387-htv_firmware
𝑥
≤ 0121d
vivotekfd9387-hv_firmware
𝑥
≤ 0121d
vivotekib9387-eh_firmware
𝑥
≤ 0121d
vivotekib9387-eht_firmware
𝑥
≤ 0121d
vivotekib9387-h_firmware
𝑥
≤ 0121d
vivotekib9387-ht_firmware
𝑥
≤ 0121d
vivotekfd9189-h_firmware
𝑥
≤ 0121d
vivotekfd9189-hm_firmware
𝑥
≤ 0121d
vivotekfd9189-ht_firmware
𝑥
≤ 0121d
vivotekfd9389-hv_firmware
𝑥
≤ 0121d
vivotekfd9389-hmv_firmware
𝑥
≤ 0121d
vivotekfd9389-htv_firmware
𝑥
≤ 0121d
vivotekfd9389-ehmv_firmware
𝑥
≤ 0121d
vivotekfd9389-ehtv_firmware
𝑥
≤ 0121d
vivotekfd9389-ehv_firmware
𝑥
≤ 0121d
vivotekib9389-eh_firmware
𝑥
≤ 0121d
vivotekib9389-ehm_firmware
𝑥
≤ 0121d
vivotekib9389-eht_firmware
𝑥
≤ 0121d
vivotekib9389-h_firmware
𝑥
≤ 0121d
vivotekib9389-hm_firmware
𝑥
≤ 0121d
vivotekib9389-ht_firmware
𝑥
≤ 0121d
vivotekfd9165-ht_firmware
𝑥
≤ 0121d
vivotekfd9365-ehtv_firmware
𝑥
≤ 0121d
vivotekfd9365-htv_firmware
𝑥
≤ 0121d
vivotekfd9365-htvl_firmware
𝑥
≤ 0121d
vivotekib9365-ht_firmware
𝑥
≤ 0121d
vivotekib9365-eht_firmware
𝑥
≤ 0121d
vivotekip9165-hp_firmware
𝑥
≤ 0121d
vivotekip9165-ht_firmware
𝑥
≤ 0121d
vivotekip9165-lpc_firmware
𝑥
≤ 0121d
vivotekfd9391-ehtv_firmware
𝑥
≤ 0121d
vivotekfe9191_firmware
𝑥
≤ 0124c
vivotekip9191-hp_firmware
𝑥
≤ 0121d
vivotekip9191-ht_firmware
𝑥
≤ 0121d
vivotekfe9391-ev_firmware
𝑥
≤ 0124c
vivotekib9391-eht_firmware
𝑥
≤ 0121d
vivotekip9172-lpc\(freeway\)_firmware
𝑥
≤ 0121d
vivotekit9389-h_firmware
𝑥
≤ 0121d
vivotekit9389-ht_firmware
𝑥
≤ 0121d
vivotekmd9561-h_firmware
𝑥
≤ 0121d
vivotekmd9581-h_firmware
𝑥
≤ 0121d
vivotekms9390-hv_firmware
𝑥
≤ 0121d
vivotektb9330-e_firmware
𝑥
≤ 0121d
vivotektb9331-e_firmware
𝑥
≤ 0121d
vivoteksd9374-ehl_firmware
𝑥
≤ 0123b
vivotekfd9167-h_firmware
𝑥
≤ 0113b
vivotekfd9167-ht_firmware
𝑥
≤ 0113b
vivotekfd9367-ehtv_firmware
𝑥
≤ 0113b
vivotekfd9367-htv_firmware
𝑥
≤ 0113b
vivotekfd9367-hv_firmware
𝑥
≤ 0113b
vivotekfd9367-htv\(epoc\)_firmware
-
vivotekib9367-eh_firmware
𝑥
≤ 0113b
vivotekib9367-eht_firmware
𝑥
≤ 0113b
vivotekib9367-h_firmware
𝑥
≤ 0113b
vivotekib9367-ht_firmware
𝑥
≤ 0113b
vivotekip9167-hp_firmware
𝑥
≤ 0113b
vivotekip9167-ht_firmware
𝑥
≤ 0113b
vivotekma9321-ehtv_firmware
𝑥
≤ 0113a
vivotekms9321-ehv_firmware
𝑥
≤ 0100i
vivotekma9322-ehtv_firmware
𝑥
≤ 0114c
vivotekfd8177-h_firmware
𝑥
≤ 0113b
vivotekfd8377-hv_firmware
𝑥
≤ 0113b
vivotekfd8177-ht_firmware
𝑥
≤ 0113b
vivotekfd8377-ehtv_firmware
𝑥
≤ 0113b
vivotekfd8377-htv_firmware
𝑥
≤ 0113b
vivotekfd8179-h_firmware
𝑥
≤ 0113b
vivotekfd8379-hv_firmware
𝑥
≤ 0113b
vivotekib8377-h_firmware
𝑥
≤ 0113b
vivotekib8377-ht_firmware
𝑥
≤ 0113b
vivotekib8377-eht_firmware
𝑥
≤ 0113b
vivotekfd9165-ht-a_firmware
𝑥
≤ 0100m
vivotekfd9365-htv-a_firmware
𝑥
≤ 0100m
vivotekfd9365-ehtv-a_firmware
𝑥
≤ 0100m
vivotekfd9187-ht-a_firmware
𝑥
≤ 0100m
vivotekfd9387-htv-a_firmware
𝑥
≤ 0100m
vivotekfd9387-ehtv-a_firmware
𝑥
≤ 0100m
vivotekib9365-eht-a_firmware
𝑥
≤ 0100m
vivotekib9365-ht-a_firmware
𝑥
≤ 0100m
vivotekib9387-eht-a_firmware
𝑥
≤ 0100m
vivotekib9387-ht-a_firmware
𝑥
≤ 0100m
vivotekip9164-ht_firmware
𝑥
≤ 0100m
vivotekip9164-lpc_firmware
𝑥
≤ 0100m
vivotekip9165-lpc\(i-cs_kit\)_firmware
𝑥
≤ 0113d
𝑥
= Vulnerable software versions
References
http://download.vivotek.com/downloadfile/support/cyber-security/vvtk-sa-2020-001-v1.pdf
http://download.vivotek.com/downloadfile/support/cyber-security/vvtk-sa-2020-001-v1.pdf