{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-22755","assignerOrgId":"461b2335-328f-427d-ae3d-eff7d6814455","state":"PUBLISHED","assignerShortName":"larry_cashdollar","dateReserved":"2026-01-09T14:27:11.646Z","datePublished":"2026-01-13T15:12:53.126Z","dateUpdated":"2026-01-20T20:33:02.780Z"},"containers":{"cna":{"affected":[{"collectionURL":"https://ftpmirror.your.org/pub/misc/ftp.vivotek.com/Firmware/","defaultStatus":"unaffected","modules":["Firmware"],"product":"Affected device model numbers are FD8365, FD8365v2, FD9165, FD9171, FD9187, FD9189, FD9365, FD9371, FD9381, FD9387, FD9389, FD9391,FE9180,FE9181, FE9191, FE9381, FE9382, FE9391, FE9582, IB9365, IB93587LPR, IB9371,IB9381, IB9387, IB9389, IB939,IP9165,IP9171, IP9172, IP9181, IP9191, IT9389, MA9321, MA9322, MS9321, MS9390, TB9330","vendor":"Vivotek","versions":[{"status":"affected","version":"0100a","versionType":"custom"},{"status":"affected","version":"0106a","versionType":"custom"},{"status":"affected","version":"0106b","versionType":"custom"},{"status":"affected","version":"0107a","versionType":"custom"},{"status":"affected","version":"0107b_1","versionType":"custom"},{"status":"affected","version":"0109a","versionType":"custom"},{"status":"affected","version":"0112a","versionType":"custom"},{"status":"affected","version":"0113a","versionType":"custom"},{"status":"affected","version":"0113d","versionType":"custom"},{"status":"affected","version":"0117b","versionType":"custom"},{"status":"affected","version":"0119e","versionType":"custom"},{"status":"affected","version":"0120b","versionType":"custom"},{"status":"affected","version":"0121","versionType":"custom"},{"status":"affected","version":"0121d","versionType":"custom"},{"status":"affected","version":"0121d_48573_1","versionType":"custom"},{"status":"affected","version":"0122e","versionType":"custom"},{"status":"affected","version":"0124d_48573_1","versionType":"custom"},{"status":"affected","version":"012501","versionType":"custom"},{"status":"affected","version":"012502","versionType":"custom"},{"status":"affected","version":"0125c","versionType":"custom"}]}],"credits":[{"lang":"en","type":"finder","value":"Larry W. Cashdollar"}],"datePublic":"2026-01-08T17:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Vivotek Affected device model numbers are FD8365, FD8365v2, FD9165, FD9171, FD9187, FD9189, FD9365, FD9371, FD9381, FD9387, FD9389, FD9391,FE9180,FE9181, FE9191, FE9381, FE9382, FE9391, FE9582, IB9365, IB93587LPR, IB9371,IB9381, IB9387, IB9389, IB939,IP9165,IP9171, IP9172, IP9181, IP9191, IT9389, MA9321, MA9322, MS9321, MS9390, TB9330 (Firmware modules) allows OS Command Injection.<p>This issue affects Affected device model numbers are FD8365, FD8365v2, FD9165, FD9171, FD9187, FD9189, FD9365, FD9371, FD9381, FD9387, FD9389, FD9391,FE9180,FE9181, FE9191, FE9381, FE9382, FE9391, FE9582, IB9365, IB93587LPR, IB9371,IB9381, IB9387, IB9389, IB939,IP9165,IP9171, IP9172, IP9181, IP9191, IT9389, MA9321, MA9322, MS9321, MS9390, TB9330: 0100a, 0106a, 0106b, 0107a, 0107b_1, 0109a, 0112a, 0113a, 0113d, 0117b, 0119e, 0120b, 0121, 0121d, 0121d_48573_1, 0122e, 0124d_48573_1, 012501, 012502, 0125c.</p>"}],"value":"Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Vivotek Affected device model numbers are FD8365, FD8365v2, FD9165, FD9171, FD9187, FD9189, FD9365, FD9371, FD9381, FD9387, FD9389, FD9391,FE9180,FE9181, FE9191, FE9381, FE9382, FE9391, FE9582, IB9365, IB93587LPR, IB9371,IB9381, IB9387, IB9389, IB939,IP9165,IP9171, IP9172, IP9181, IP9191, IT9389, MA9321, MA9322, MS9321, MS9390, TB9330 (Firmware modules) allows OS Command Injection.This issue affects Affected device model numbers are FD8365, FD8365v2, FD9165, FD9171, FD9187, FD9189, FD9365, FD9371, FD9381, FD9387, FD9389, FD9391,FE9180,FE9181, FE9191, FE9381, FE9382, FE9391, FE9582, IB9365, IB93587LPR, IB9371,IB9381, IB9387, IB9389, IB939,IP9165,IP9171, IP9172, IP9181, IP9191, IT9389, MA9321, MA9322, MS9321, MS9390, TB9330: 0100a, 0106a, 0106b, 0107a, 0107b_1, 0109a, 0112a, 0113a, 0113d, 0117b, 0119e, 0120b, 0121, 0121d, 0121d_48573_1, 0122e, 0124d_48573_1, 012501, 012502, 0125c."}],"exploits":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Not public but easy to reproduce."}],"value":"Not public but easy to reproduce."}],"impacts":[{"capecId":"CAPEC-88","descriptions":[{"lang":"en","value":"CAPEC-88 OS Command Injection"}]}],"metrics":[{"cvssV4_0":{"Automatable":"YES","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":9.3,"baseSeverity":"CRITICAL","exploitMaturity":"PROOF_OF_CONCEPT","privilegesRequired":"NONE","providerUrgency":"AMBER","subAvailabilityImpact":"HIGH","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P/AU:Y/U:Amber","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-77","description":"CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"461b2335-328f-427d-ae3d-eff7d6814455","shortName":"larry_cashdollar","dateUpdated":"2026-01-20T20:33:02.780Z"},"references":[{"url":"http://www.vapidlabs.com/advisory.php?v=220"},{"url":"https://www.akamai.com/blog/security-research/command-injection-vivotek-legacy-firmware-need-to-know"}],"source":{"discovery":"UNKNOWN"},"title":"Legacy Vivotek Camera Firmware Command Injection in upload_map.cgi","x_generator":{"engine":"Vulnogram 0.5.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-01-13T15:29:25.879272Z","id":"CVE-2026-22755","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-01-13T15:29:57.030Z"}}]}}