CVE-2026-35716

Name of the Vulnerable Software and Affected Versions VIVOTEK FD8136 version FD8136-VVTK-0300a

Description A stack-based buffer overflow occurs in the motion privacy.cgi binary. Authenticated remote attackers can execute arbitrary code with root privileges by sending an oversized n1 parameter in a POST request to the "/cgi-bin/admin/setpm.cgi", "/cgi-bin/admin/setmd.cgi", or "/cgi-bin/admin/setmd profile.cgi" endpoints. The issue arises because the parameter value is copied into a fixed-size 0xa4-byte stack buffer without bounds checking, which overwrites the saved link register. The binary lacks stack canaries, which are security mechanisms used to detect stack buffer overflows before execution can be hijacked.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.