A stack-based buffer overflow exists in the export_language.cgi binary of VIVOTEK FD8136 firmware FD8136‑VVTK‑0300a. Authenticated remote attackers can send a crafted POST request to /cgi-bin/admin/export_language.cgi, specifying a Content-Length value that exceeds the 0x60-byte stack buffer. Because the binary is compiled without stack canaries, the oversized value is copied by fread() into the fixed buffer, overwriting the saved link register and allowing the attacker to execute arbitrary code with root privileges. The result is full compromise of confidentiality, integrity, and availability of the affected device.

VIVOTEK devices running the FD8136 firmware version identified as FD8136‑VVTK‑0300a are affected. No additional version details are provided by the CNA, so any device with this firmware build should be considered vulnerable until a patched firmware is released.

The vulnerability can only be exploited by an attacker with authenticated administrative access. Because the firmware lacks stack canaries, the overflow is reliably exploitable once the attacker can send the malicious POST. No KEV listing is available, however the impact is severe due to root code execution. EPSS is not provided, but the lack of protective countermeasures and the requirement of only authenticated access make the likelihood moderate to high for users who have compromised credentials or for devices exposed to open networks. The risk is further amplified if default credentials remain unchanged or if the device is exposed to untrusted traffic.