ID
VAR-202606-1002
CVE
CVE-2026-35718
TITLE
VIVOTEK Inc. of Network Camera FD8136 Path traversal vulnerability in firmware
Trust: 0.8
sources:
JVNDB: JVNDB-2026-018162
DESCRIPTION
A path traversal vulnerability in the /admin/downloadMedias.cgi endpoint of VIVOTEK INC FD8136-VVTK firmware 0300a allows authenticated attackers to read any file on the device via sending a crafted request. - No rewriting will occur to the information handled by the software. - The software will not stop
Trust: 1.62
sources:
NVD: CVE-2026-35718 //
JVNDB: JVNDB-2026-018162
AFFECTED PRODUCTS
| vendor: | vivotek | model: | fd8136 | scope: | eq | version: | 0300a | Trust: 1.0 |
| vendor: | vivotek | model: | network camera fd8136 | scope: | eq | version: | - | Trust: 0.8 |
| vendor: | vivotek | model: | network camera fd8136 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | vivotek | model: | network camera fd8136 | scope: | eq | version: | network camera fd8136 firmware 0300a | Trust: 0.8 |
sources:
JVNDB: JVNDB-2026-018162 //
NVD: CVE-2026-35718
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
JVNDB: JVNDB-2026-018162 //
NVD: CVE-2026-35718 //
NVD: CVE-2026-35718
PROBLEMTYPE DATA
| problemtype: | CWE-22 | Trust: 1.0 |
| problemtype: | Path traversal (CWE-22) [NVD evaluation ] | Trust: 0.8 |
| problemtype: | Path traversal (CWE-22) [ others ] | Trust: 0.8 |
sources:
JVNDB: JVNDB-2026-018162 //
NVD: CVE-2026-35718
PATCH
| title: | vulnerability-research/CVE-2026-35718 at main xchg-rax-rax/vulnerability-research GitHub | url: | https://github.com/xchg-rax-rax/vulnerability-research/tree/main/CVE-2026-35718 | Trust: 0.8 |
sources:
JVNDB: JVNDB-2026-018162
EXTERNAL IDS
| db: | NVD | id: | CVE-2026-35718 | Trust: 2.6 |
| db: | JVNDB | id: | JVNDB-2026-018162 | Trust: 0.8 |
sources:
JVNDB: JVNDB-2026-018162 //
NVD: CVE-2026-35718
REFERENCES
| url: | http://vivotek.com | Trust: 1.8 |
| url: | https://github.com/xchg-rax-rax/vulnerability-research/tree/main/cve-2026-35718 | Trust: 1.0 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2026-35718 | Trust: 0.8 |
sources:
JVNDB: JVNDB-2026-018162 //
NVD: CVE-2026-35718
SOURCES
| db: | JVNDB | id: | JVNDB-2026-018162 |
| db: | NVD | id: | CVE-2026-35718 |
LAST UPDATE DATE
2026-06-19T23:10:33.296000+00:00
SOURCES UPDATE DATE
| db: | JVNDB | id: | JVNDB-2026-018162 | date: | 2026-06-05T01:47:00 |
| db: | NVD | id: | CVE-2026-35718 | date: | 2026-06-03T19:16:26.013 |
SOURCES RELEASE DATE
| db: | JVNDB | id: | JVNDB-2026-018162 | date: | 2026-06-05T00:00:00 |
| db: | NVD | id: | CVE-2026-35718 | date: | 2026-06-02T16:16:37.330 |