Lewis Patten

10 exploits, active since Dec 2025
CVE-2026-30649 HIGH WRITEUP
VIVOTEK INC FD8136-VVTK-0300a - Buffer Overflow via set_getparam.cgi
A buffer overflow vulnerability in VIVOTEK INC FD8136-VVTK-0300a allows a remote attacker to execute arbitrary code via the set_getparam.cgi component.
CVSS 7.3
CVE-2026-30650 HIGH WRITEUP
Vivotek FD8136 FD8136-VVTK-0300a - Authenticated Remote Buffer Overflow in Event Task CGI
A post-authentication remote buffer overflow vulnerability exists in the /cgi-bin/admin/eventtask.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firmware version FD8136-VVTK-0300a. This flaw allows an authenticated attacker to execute arbitrary code as root on the device remotely.
CVSS 8.8
CVE-2026-30652 HIGH WRITEUP
Vivotek FD8136 FD8136-VVTK-0300a - Authenticated Remote Code Execution via setdo.cgi Buffer Overflow
A remote buffer overflow vulnerability exists in the /cgi-bin/dido/setdo.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firmware version FD8136-VVTK-0300a. This flaw allows an authenticated attacker to execute arbitrary code as root on the device.
CVSS 8.8
CVE-2026-35716 MEDIUM WRITEUP
VIVOTEK FD8136 FD8136-VVTK-0300a - Authenticated Remote Code Execution via Oversized n1 Parameter
A stack-based buffer overflow in the motion_privacy.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers to execute arbitrary code as root via an oversized n1 parameter in a POST request to the /cgi-bin/admin/setpm.cgi, /cgi-bin/admin/setmd.cgi, or /cgi-bin/admin/setmd_profile.cgi endpoint (all symlinks to the same binary). The parameter value is copied into a fixed-size 0xa4-byte stack buffer without bounds checking, overwriting the saved link register. The binary is compiled without stack canaries.
CVSS 6.3
CVE-2026-35717 MEDIUM WRITEUP
VIVOTEK FD8136 FD8136-VVTK-0300a - Authenticated Stack-Based Buffer Overflow via Export Language CGI
A stack-based buffer overflow in the export_language.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers to execute arbitrary code as root via a crafted POST request to the /cgi-bin/admin/export_language.cgi endpoint. The handler passes the attacker-controlled Content-Length value directly to fread() as the read size into a fixed-size 0x60-byte stack buffer, overwriting the saved link register. The binary is compiled without stack canaries.
CVSS 6.3
CVE-2026-35718 MEDIUM WRITEUP
VIVOTEK INC FD8136-VVTK 0300a - Authenticated Path Traversal via /admin/downloadMedias.cgi
A path traversal vulnerability in the /admin/downloadMedias.cgi endpoint of VIVOTEK INC FD8136-VVTK firmware 0300a allows authenticated attackers to read any file on the device by sending a crafted request.
CVSS 6.5
CVE-2025-57198 HIGH WRITEUP
AVTECH DGM1104 FullImg-1015-1004-1006-1003 - Authenticated Command Injection via Machine.cgi Endpoint
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the Machine.cgi endpoint. This vulnerability allows attackers to execute arbitrary commands via a crafted input.
CVSS 8.8
CVE-2025-57200 MEDIUM WRITEUP
AVTECH DGM1104 Firmware FullImg-1015-1004-1006-1003 - Authenticated Command Injection via test_mail Function
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the test_mail function. This vulnerability allows attackers to execute arbitrary commands via a crafted input.
CVSS 6.5
CVE-2025-57201 HIGH WRITEUP
AVTECH DGM1104 Firmware FullImg-1015-1004-1006-1003 - Authenticated Command Injection via SMB Server Function
AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the SMB server function. This vulnerability allows attackers to execute arbitrary commands via a crafted input.
CVSS 8.8
CVE-2025-57202 MEDIUM WRITEUP
AVTECH DGM1104 FullImg-1015-1004-1006-1003 - Stored Cross-Site Scripting via PwdGrp.cgi Username Field
A stored cross-site scripting (XSS) vulnerability in the PwdGrp.cgi endpoint of AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the username field.
CVSS 6.1