CVE-2013-1594

HIGH

Vivotek Pt7135 Firmware - Information Disclosure

Title source: rule

Description

An Information Disclosure vulnerability exists via a GET request in Vivotek PT7135 IP Camera 0300a and 0400a due to wireless keys and 3rd party credentials stored in clear text.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Core Security · textwebappshardware

https://www.exploit-db.com/exploits/25139

View Code ZIP pw:eip

References (6)

[Exploit, Third Party Advisory, VDB Entry] http://www.exploit-db.com/exploits/25139

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/59572

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/83943

[Exploit, Third Party Advisory] https://github.com/offensive-security/exploitdb/blob/master/exploits/hardware/webapps/25139.txt

[Third Party Advisory, VDB Entry] https://packetstormsecurity.com/files/cve/CVE-2013-1594

[Exploit, Third Party Advisory] https://www.coresecurity.com/advisories/vivotek-ip-cameras-multiple-vulnerabilities

Scores

CVSS v3 7.5

EPSS 0.2244

EPSS Percentile 95.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-200

Status published

Affected Products (2)

vivotek/pt7135_firmware

Timeline

Published Jan 24, 2020

Tracked Since Feb 18, 2026