Critical Alert 2 Active Exploits Detected Today

CVE-2026-42271 BerriAI LiteLLM Command Injection Vulnerability →
CVE-2026-50751 Check Point Security Gateway Improper Authentication Vulnerability →
Powered by CVE Watchtower
×

Critical Alert

CVE-2026-50751 - Critical Check Point VPN Exploit Discovered Active in the Wild. View Threat Details →
Powered by CVE WATCHTOWER
×
June 9, 2026

CVE Watchtower


← Back to CVE List

CVE-2025-66051NVD

Vulnerability Summary

Vivotek IP7137 camera with firmware version 0200a is vulnerable to path traversal. It is possible for an authenticated attacker to access resources beyond webroot directory using a direct HTTP request. Due to CVE-2025-66050, a password for administration panel is not set by default.
The vendor has not replied to the CNA. Possibly all firmware versions are affected. Since the product has met End-Of-Life phase, a fix is not expected to be released.
Severity Level
MEDIUM(6.9)
Published Date
Jan 9, 2026
Last Modified
Jan 14, 2026
Exploitation Status
????
EPSS Score (30-Day)
Data Pending
Root Weakness (CWE)
CWE-22: Path Traversal
The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory.
CVSS v4.0 Base Metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone

External References