CVE-2025-66051

Name of the Vulnerable Software and Affected Versions Vivotek IP7137 camera versions prior to firmware version 0200a

Description The Vivotek IP7137 camera is susceptible to a path traversal issue. An authenticated attacker can potentially access resources outside the intended webroot directory by sending a direct HTTP request. Additionally, the administration panel may not have a default password set, potentially allowing unauthorized access. It is possible that all firmware versions are affected. The product has reached its End-Of-Life phase, and a fix is not anticipated.

Recommendations Update the firmware to version 0200a or later. Set a strong password for the administration panel. At the moment, there is no information about a newer version that contains a fix for this vulnerability.