CVE-2025-66052 | Vivotek IP7137 0200a setparam.cgi system_ntpIt os command injection

Inserito da Angelo Barbosa | Gen 9, 2026 | CVE

A vulnerability identified as critical has been detected in Vivotek IP7137 0200a. Impacted is an unknown function of the file /cgi-bin/admin/setparam.cgi. This manipulation of the argument system_ntpIt causes os command injection. This vulnerability only affects products that are no longer supported by the maintainer.

The identification of this vulnerability is CVE-2025-66052. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-66052 | Vivotek IP7137 0200a setparam.cgi system_ntpIt os command injection

Post correlati

CVE-2024-36531 | NukeViet upload.php unrestricted upload

CVE-2023-42800 | moonlight-stream moonlight-common-c GameStream Client buffer overflow (GHSA-4927-23jw-rq62)

CVE-2024-2719 | Campcodes Complete Online DJ Booking System 1.0 /admin/admin-profile.php adminname cross site scripting

CVE-2025-66421 | Tryton sao up to 6.0.68/7.0.39/7.4.20/7.6.10 Completion cross site scripting (Issue 14363)