CVE-2013-1596

MEDIUM

Vivotek PT7135 Firmware 0300a and 0400a - Authentication Bypass via RTSP Packet

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-1596.

AI-analyzed exploit summary The provided code includes functional exploit scripts for multiple vulnerabilities in Vivotek IP cameras, including a buffer overflow in RTSP (CVE-2013-1595) and an RTSP authentication bypass (CVE-2013-1596). The scripts demonstrate remote code execution and unauthorized access to video streams.

Description

An Authentication Bypass Vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via specially crafted RTSP packets to TCP port 554.

Exploits (1)

exploitdb WORKING POC
webappshardware
https://www.exploit-db.com/exploits/25139

The provided code includes functional exploit scripts for multiple vulnerabilities in Vivotek IP cameras, including a buffer overflow in RTSP (CVE-2013-1595) and an RTSP authentication bypass (CVE-2013-1596). The scripts demonstrate remote code execution and unauthorized access to video streams.

Classification
Working Poc 100%
Attack Type
Rce | Auth Bypass | Info Leak
Complexity
Moderate
Reliability
Reliable
Target: Vivotek PT7135 IP camera with firmware 0300a and 0400a
No auth needed
Prerequisites: Network access to the target IP camera · RTSP service exposed on port 554
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry x_refsource_misc
http://www.securityfocus.com/bid/59574
Third Party Advisory, VDB Entry x_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/83945
Third Party Advisory, VDB Entry x_refsource_misc
https://packetstormsecurity.com/files/cve/CVE-2013-1596

Scores

CVSS v3 5.3
EPSS 0.1044
EPSS Percentile 95.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-287
Status published
Products (2)
vivotek/pt7135_firmware 0300a
vivotek/pt7135_firmware 0400a
Published Jan 24, 2020
Tracked Since Feb 18, 2026