How severe is CVE-2025-66051?

CVE-2025-66051 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2025-66051

Name: ip7137
Author: vivotek

6.5MEDIUM

Vivotek IP7137 camera with firmware version 0200a is vulnerable to path traversal. It is possible for an authenticated attacker to access resources beyond webroot directory using a direct HTTP request

公開日: 1/9/2026更新日: 1/14/2026

説明

Vivotek IP7137 camera with firmware version 0200a is vulnerable to path traversal. It is possible for an authenticated attacker to access resources beyond webroot directory using a direct HTTP request. Due to CVE-2025-66050, a password for administration panel is not set by default. The vendor has not replied to the CNA. Possibly all firmware versions are affected. Since the product has met End-Of-Life phase, a fix is not expected to be released.

AI分析AIによる分析

影響を受ける製品

vivotekip7137_firmware

0200a

vivotekip7137

参照

https://cert.pl/posts/2026/01/CVE-2025-66049
Third Party Advisory