cbcvebase.
CVE-2013-1594
published 2020-01-24

CVE-2013-1594: An Information Disclosure vulnerability exists via a GET request in Vivotek PT7135 IP Camera 0300a and 0400a due to wireless keys and 3rd party credentials…

PriorityP356high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EXPLOIT
EPSS
7.33%
93.6th percentile
An Information Disclosure vulnerability exists via a GET request in Vivotek PT7135 IP Camera 0300a and 0400a due to wireless keys and 3rd party credentials stored in clear text.

Affected

2 ranges
VendorProductVersion rangeFixed in
vivotekpt7135_firmware
vivotekpt7135_firmware

Detection & IOCsextracted from sources · hover to see the quote

urlhttp://192.168.1.100/cgi-bin/admin/getparam.cgi
urlhttp://192.168.1.100/setup/parafile.html
path/cgi-bin/admin/getparam.cgi
port554
  • Proxy or IDS should filter HTTP requests containing '/../../' and 'getparam.cgi' to block path traversal and information disclosure attempts.
  • Monitor RTSP traffic on TCP port 554 for oversized Authorization: Basic headers (1000–10000+ characters of repeated 'a'/0x61) indicating CVE-2013-1595 buffer overflow attempts against the same device/firmware.
  • Filter or alert on the parameter 'system.ntp' in requests to the process 'farseer.out' to detect OS command injection attempts (CVE-2013-1598).
  • ·CVE-2013-1598 command injection is pre-authentication on firmware 0300a but requires post-authentication on firmware 0400a; detection/blocking logic should account for this difference.

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.