PT-2019-9032 · Vivotek · Vivotek Fd8136

Published: 2019-07-10 · Updated: 2024-08-05 · CVE-2018-14496

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Vivotek FD8136 devices (affected versions not specified)

Description: The issue is related to a stack-based buffer overflow, which can lead to remote memory corruption and remote code execution. This is connected to the use of sprintf, vlocal_buff_4326, and the /set_getparam.cgi API endpoint. The vendor has disputed this as a vulnerability, stating it does not cause a web server crash or affect its performance.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Weakness Enumeration

Related Identifiers: CVE-2018-14496

Affected Products: Vivotek Fd8136