CVE-2026-30650 - Vulnerability Details

Description

A post-authentication remote buffer overflow vulnerability exists in the /cgi-bin/admin/eventtask.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firmware version FD8136-VVTK-0300a. This flaw allows an authenticated attacker to execute arbitrary code as root on the device remotely.

Published: 2026-06-02

Score: 8.8 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

A post‑authentication buffer overflow exists in Vivotek’s FD8136 camera at the /cgi-bin/admin/eventtask.cgi endpoint. Compiled data sent by an authenticated user can overwrite memory, allowing an attacker to run arbitrary code with root privileges. This provides full control over the device, enabling configuration changes, disabling cameras, or using the device as a lateral movement tool.

Affected Systems

The vulnerability affects Vivotek's FD8136 series cameras running firmware version FD8136-VVTK-0300a. No other versions or products are listed as affected in the current data. The flaw is limited to the administrative interface of this specific camera model.

Risk and Exploitability

The attack requires a valid login to the camera’s admin interface but is possible from any network that can reach the device. The CVSS score of 8.8 indicates high severity; however unrestricted root access implies a very high risk. The EPSS score of <1% indicates a very low probability of exploitation, and the issue is not listed in CISA KEV, but because the vulnerability permits full device compromise, it should be treated with high priority.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:vivotek:fd8136_firmware:0300a:*:*:*:*:*:*:*

cpe:2.3:h:vivotek:fd8136:-:*:*:*:*:*:*:*

No data.

Vendor Product Confidence Versions

Vivotek

Fd8136

80%

Version	Status	Scheme	Platform
`FD8136-VVTK-0300a`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Restrict network access to the camera’s admin interface to trusted IP ranges or use a VPN.
Change the default or weak default credentials, enforce strong passwords and consider multi‑factor authentication where supported.
Monitor the camera’s logs for anomalous HTTP requests and consider deploying network intrusion detection for the camera’s IP.
Keep the device’s firmware up to date and apply vendor patches as soon as they are released.

Generated by OpenCVE AI on June 3, 2026 at 18:30 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00692.

Exploitation none

Automatable no

Technical Impact total

References

Link	Providers
http://vivotek.com
https://github.com/xchg-rax-rax/vulnerability-research/tree/main/CVE-2026-30650

History

Wed, 03 Jun 2026 18:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Vivotek fd8136 Firmware
CPEs		cpe:2.3:h:vivotek:fd8136:-:::::::* cpe:2.3:o:vivotek:fd8136_firmware:0300a:::::::*
Vendors & Products		Vivotek fd8136 Firmware

Wed, 03 Jun 2026 17:45:00 +0000

Type	Values Removed	Values Added
Title	Remote Buffer Overflow in Vivotek FD8136 Admin Interface Allows Root Code Execution
Weaknesses	CWE-119

Wed, 03 Jun 2026 15:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-120
Metrics		cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Tue, 02 Jun 2026 17:00:00 +0000

Type	Values Removed	Values Added
Title		Remote Buffer Overflow in Vivotek FD8136 Admin Interface Allows Root Code Execution
Weaknesses		CWE-119

Tue, 02 Jun 2026 16:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Vivotek Vivotek fd8136
Vendors & Products		Vivotek Vivotek fd8136

Tue, 02 Jun 2026 15:45:00 +0000

Type	Values Removed	Values Added
Description		A post-authentication remote buffer overflow vulnerability exists in the /cgi-bin/admin/eventtask.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firmware version FD8136-VVTK-0300a. This flaw allows an authenticated attacker to execute arbitrary code as root on the device remotely.
References		http://vivotek.com https://github.com/xchg-rax-rax/vulnerability-research/tree/main/CVE-2026-30650

Subscriptions

Vivotek Fd8136 Fd8136 Firmware

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2026-06-02T00:00:00.000Z

Updated: 2026-06-03T15:09:17.104Z

Reserved: 2026-03-04T00:00:00.000Z

Link: CVE-2026-30650

Vulnrichment

Updated: 2026-06-03T15:08:40.480Z

NVD

Status : Analyzed

Published: 2026-06-02T16:16:35.357

Modified: 2026-06-03T18:41:16.257

Link: CVE-2026-30650

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-03T18:45:40Z

Weaknesses

CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object