CVE-2013-4985
HIGHVivotek IP7160 IP7361 IP8332 Firmware - Unauthenticated RTSP Authentication Bypass
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2013-4985. PoCs published by Core Security.
AI-analyzed exploit summary This PoC exploits an authentication bypass vulnerability in Vivotek IP cameras by intercepting and modifying RTSP traffic to bypass basic authentication, allowing unauthorized access to the video stream.
Description
Multiple Vivotek IP Cameras remote authentication bypass that could allow access to the video stream
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Core Security · textwebappshardware
https://www.exploit-db.com/exploits/29516
This PoC exploits an authentication bypass vulnerability in Vivotek IP cameras by intercepting and modifying RTSP traffic to bypass basic authentication, allowing unauthorized access to the video stream.
Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target:
Vivotek IP cameras (firmware 0105a, 0105b)
No auth needed
Prerequisites:
Camera RTSP authentication set to 'basic' · Network access to the camera's RTSP port (default 554)
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry x_refsource_misc
http://www.securityfocus.com/bid/63541
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://www.exploit-db.com/exploits/29516
Exploit, Third Party Advisory x_refsource_misc
http://www.coresecurity.com/advisories/vivotek-ip-cameras-rtsp-authentication-bypass
Scores
CVSS v3
7.5
EPSS
0.0897
EPSS Percentile
94.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-863
Status
published
Products (6)
vivotek/ip7160_firmware
0105a
vivotek/ip7160_firmware
0105b
vivotek/ip7361_firmware
0105a
vivotek/ip7361_firmware
0105b
vivotek/ip8332_firmware
0105a
vivotek/ip8332_firmware
0105b
Published
Dec 27, 2019
Tracked Since
Feb 18, 2026