CVE-2025-53701 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Vilar VS-IPC1002 IP cameras are vulnerable to Reflected XSS (Cross-site Scripting) attacks, because parameters in GET requests sent to /cgi-bin/action endpoint…
Medium CVSS: 4.8

CVE-2025-53701

Vilar VS-IPC1002 IP cameras are vulnerable to Reflected XSS (Cross-site Scripting) attacks, because parameters in GET requests sent to /cgi-bin/action endpoint are not sanitized properly, making it possible to target logged in admin users.
The vendor did not respond in any way. Only version 1.1.0.18 was tested, other versions might be vulnerable as well.
Vendor
Vimicro
Product
Vs-ipc1002 Firmware
CWE
CWE-79
Yayın Tarihi
2025-10-23 14:15:39
Güncelleme
2025-11-04 13:10:52
Source Identifier
cvd@cert.pl
KEV Date Added
-

Kategoriler

CWE-79 Vs-ipc1002 Firmware MEDIUM Vimicro 2025

Referanslar

https://cert.pl/en/posts/2025/10/CVE-2025-53701