CVE-2025-53702

Vilar VS-IPC1002 IP cameras are vulnerable to DoS (Denial-of-Service) attacks. An unauthenticated attacker on the same local network might send a crafted request to/cgi-bin/action endpoint and render the device completely unresponsive. A manual restart of the device is required.
The vendor did not respond in any way. Only version 1.1.0.18 was tested, other versions might be vulnerable as well.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CERT-PLCNA
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 7%
VendorProductVersion
vimicrovs-ipc1002_firmware
1.1.0.18
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://cert.pl/en/posts/2025/10/CVE-2025-53701