CVE-2025-66050

CVSS Score & Metrics

Base Score

9.8 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H                                    

Vulnerability Description

Vivotek IP7137 camera with firmware version 0200a by default dos not require to provide any password when logging in as an administrator. While it is possible to set up such a password, a user is not informed about such a need.
The vendor has not replied to the CNA. Possibly all firmware versions are affected. Since the product has met End-Of-Life phase, a fix is not expected to be released.

Vulnerability Details

Published Date

January 09, 2026

Last Modified

January 14, 2026

CWE ID

CWE-1393

Source

NVD

Vendor

vivotek

Product

ip7137_firmware

External References

https://cert.pl/posts/2026/01/CVE-2025-66049

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment