cpe:/o:vivotek:fd8136_firmware:0301a CVE-2018-14494 2019-07-10T09:15:10.590-04:00 2019-09-19T12:15:11.137-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov MISC https://www.vdalabs.com/2018/07/23/professional-iot-hacking-series-target-selection-firmware-analysis/ MISC https://www.vdalabs.com/2018/08/06/professional-iot-hacking-series-hunting-remote-command-injection/ ** DISPUTED ** Vivotek FD8136 devices allow Remote Command Injection, related to BusyBox and wget. NOTE: the vendor sent a clarification on 2019-09-17 explaining that, although this CVE was first populated in July 2019, it is a historical vulnerability that does not apply to any current or recent Vivotek hardware or firmware.