Description
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Vivotek Affected device model numbers are FD8365, FD8365v2, FD9165, FD9171, FD9187, FD9189, FD9365, FD9371, FD9381, FD9387, FD9389, FD9391,FE9180,FE9181, FE9191, FE9381, FE9382, FE9391, FE9582, IB9365, IB93587LPR, IB9371,IB9381, IB9387, IB9389, IB939,IP9165,IP9171, IP9172, IP9181, IP9191, IT9389, MA9321, MA9322, MS9321, MS9390, TB9330 (Firmware modules) allows OS Command Injection.This issue affects Affected device model numbers are FD8365, FD8365v2, FD9165, FD9171, FD9187, FD9189, FD9365, FD9371, FD9381, FD9387, FD9389, FD9391,FE9180,FE9181, FE9191, FE9381, FE9382, FE9391, FE9582, IB9365, IB93587LPR, IB9371,IB9381, IB9387, IB9389, IB939,IP9165,IP9171, IP9172, IP9181, IP9191, IT9389, MA9321, MA9322, MS9321, MS9390, TB9330: 0100a, 0106a, 0106b, 0107a, 0107b_1, 0109a, 0112a, 0113a, 0113d, 0117b, 0119e, 0120b, 0121, 0121d, 0121d_48573_1, 0122e, 0124d_48573_1, 012501, 012502, 0125c.
Published: 2026-01-13
Score: 9.3 Critical
EPSS: < 1% Very Low
KEV: No
Impact: OS Command Injection
Action: Immediate Patch
AI Analysis

Impact

The vulnerability arises from improper handling of user-supplied input in the upload_map.cgi module of certain Vivotek firmware versions, enabling an attacker to inject and execute arbitrary operating‑system commands. An attacker who can reach the web interface of a vulnerable device could thus gain full control over the device’s operating system, leading to complete compromise of the camera and potentially any network resources the device is connected to. The weakness is described as Command Injection (CWE‑77).

Affected Systems

The affected devices are Vivotek cameras with the following model numbers: FD8365, FD8365v2, FD9165, FD9171, FD9187, FD9189, FD9365, FD9371, FD9381, FD9387, FD9389, FD9391, FE9180, FE9181, FE9191, FE9381, FE9382, FE9391, FE9582, IB9365, IB93587LPR, IB9371, IB9381, IB9387, IB9389, IB939, IP9165, IP9171, IP9172, IP9181, IP9191, IT9389, MA9321, MA9322, MS9321, MS9390, TB9330.

Risk and Exploitability

The CVSS score of 9.3 indicates a critical severity. The EPSS score of less than 1% suggests that exploitation attempts have been rare to date, yet the vulnerability persists in firmware up to version 0125c. It is not listed in the CISA KEV catalog. Based on the description, the flaw is likely exploitable via the web interface’s upload_map.cgi endpoint; authentication requirements are not explicitly stated, so any user with access to the device’s management interface could potentially leverage the injection unless network segmentation or access control limits exposure.

Generated by OpenCVE AI on April 18, 2026 at 06:46 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the device firmware to a version that removes the vulnerable upload_map.cgi module.
  • Disable or block the upload_map.cgi endpoint on the device’s web interface, so that external requests cannot reach the vulnerable functionality.
  • Restrict network access to the device’s management IP by firewall rules or network segmentation, allowing only trusted internal IP ranges to contact the camera’s web interface.
  • Enable detailed logging for web requests to the upload_map.cgi endpoint and monitor logs for suspicious command injection attempts.

Generated by OpenCVE AI on April 18, 2026 at 06:46 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 20 Jan 2026 20:45:00 +0000

Type Values Removed Values Added
Title Remote code injection via upload_map.cgi in Legacy Vivotek Devices Legacy Vivotek Camera Firmware Command Injection in upload_map.cgi
References

Wed, 14 Jan 2026 11:15:00 +0000

Type Values Removed Values Added
First Time appeared Vivotek
Vivotek fd8365
Vivotek fd8365v2
Vivotek fd9165
Vivotek fd9171
Vivotek fd9187
Vivotek fd9189
Vivotek fd9365
Vivotek fd9371
Vivotek fd9381
Vivotek fd9387
Vivotek fd9389
Vivotek fd9391
Vivotek fe9180
Vivotek fe9181
Vivotek fe9191
Vivotek fe9381
Vivotek fe9382
Vivotek fe9391
Vivotek fe9582
Vivotek ib93587lpr
Vivotek ib9365
Vivotek ib9371
Vivotek ib9381
Vivotek ib9387
Vivotek ib9389
Vivotek ib939
Vivotek ip9165
Vivotek ip9171
Vivotek ip9172
Vivotek ip9181
Vivotek ip9191
Vivotek it9389
Vivotek ma9321
Vivotek ma9322
Vivotek ms9321
Vivotek ms9390
Vivotek tb9330
Vendors & Products Vivotek
Vivotek fd8365
Vivotek fd8365v2
Vivotek fd9165
Vivotek fd9171
Vivotek fd9187
Vivotek fd9189
Vivotek fd9365
Vivotek fd9371
Vivotek fd9381
Vivotek fd9387
Vivotek fd9389
Vivotek fd9391
Vivotek fe9180
Vivotek fe9181
Vivotek fe9191
Vivotek fe9381
Vivotek fe9382
Vivotek fe9391
Vivotek fe9582
Vivotek ib93587lpr
Vivotek ib9365
Vivotek ib9371
Vivotek ib9381
Vivotek ib9387
Vivotek ib9389
Vivotek ib939
Vivotek ip9165
Vivotek ip9171
Vivotek ip9172
Vivotek ip9181
Vivotek ip9191
Vivotek it9389
Vivotek ma9321
Vivotek ma9322
Vivotek ms9321
Vivotek ms9390
Vivotek tb9330

Tue, 13 Jan 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 13 Jan 2026 15:30:00 +0000

Type Values Removed Values Added
Title Use of default login credentials in Legacy Vivotek Devices Remote code injection via upload_map.cgi in Legacy Vivotek Devices

Tue, 13 Jan 2026 15:15:00 +0000

Type Values Removed Values Added
Description Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Vivotek Affected device model numbers are FD8365, FD8365v2, FD9165, FD9171, FD9187, FD9189, FD9365, FD9371, FD9381, FD9387, FD9389, FD9391,FE9180,FE9181, FE9191, FE9381, FE9382, FE9391, FE9582, IB9365, IB93587LPR, IB9371,IB9381, IB9387, IB9389, IB939,IP9165,IP9171, IP9172, IP9181, IP9191, IT9389, MA9321, MA9322, MS9321, MS9390, TB9330 (Firmware modules) allows OS Command Injection.This issue affects Affected device model numbers are FD8365, FD8365v2, FD9165, FD9171, FD9187, FD9189, FD9365, FD9371, FD9381, FD9387, FD9389, FD9391,FE9180,FE9181, FE9191, FE9381, FE9382, FE9391, FE9582, IB9365, IB93587LPR, IB9371,IB9381, IB9387, IB9389, IB939,IP9165,IP9171, IP9172, IP9181, IP9191, IT9389, MA9321, MA9322, MS9321, MS9390, TB9330: 0100a, 0106a, 0106b, 0107a, 0107b_1, 0109a, 0112a, 0113a, 0113d, 0117b, 0119e, 0120b, 0121, 0121d, 0121d_48573_1, 0122e, 0124d_48573_1, 012501, 012502, 0125c.
Title Use of default login credentials in Legacy Vivotek Devices
Weaknesses CWE-77
References
Metrics cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P/AU:Y/U:Amber'}
cve-icon MITRE

Status: PUBLISHED

Assigner: larry_cashdollar

Published:

Updated: 2026-01-20T20:33:02.780Z

Reserved: 2026-01-09T14:27:11.646Z

Link: CVE-2026-22755

cve-icon Vulnrichment

Updated: 2026-01-13T15:29:47.058Z

cve-icon NVD

Status : Deferred

Published: 2026-01-13T15:16:01.193

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-22755

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T07:00:11Z

Weaknesses