CVE-2025-66049

Name of the Vulnerable Software and Affected Versions Vivotek IP7137 camera versions prior to 0200a

Description The Vivotek IP7137 camera is affected by an information disclosure issue. Live camera footage can be accessed through the Real Time Streaming Protocol (RTSP) on port 8554 without authentication. This allows unauthorized network users to view the camera feed, potentially compromising privacy and security. The vendor has not responded to reports of this issue, and as the product is in its End-Of-Life phase, a fix is not expected.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.