Vilar VS-IPC1002 IP cameras are vulnerable to DoS (Denial-of-Service) attacks. An unauthenticated attacker on the same local network might send a crafted request to /cgi-bin/action endpoint and render the device completely unresponsive. A manual restart of the device is required.  The vendor did not respond in any way. Only version 1.1.0.18 was tested, other versions might be vulnerable as well.
History

Fri, 24 Oct 2025 10:30:00 +0000

Type Values Removed Values Added
First Time appeared Vilar
Vilar vs-ipc1002
Vendors & Products Vilar
Vilar vs-ipc1002

Thu, 23 Oct 2025 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 23 Oct 2025 14:00:00 +0000

Type Values Removed Values Added
Description Vilar VS-IPC1002 IP cameras are vulnerable to DoS (Denial-of-Service) attacks. An unauthenticated attacker on the same local network might send a crafted request to /cgi-bin/action endpoint and render the device completely unresponsive. A manual restart of the device is required.  The vendor did not respond in any way. Only version 1.1.0.18 was tested, other versions might be vulnerable as well.
Title DoS vulnerability in Vilar VS-IPC1002 IP cameras
Weaknesses CWE-755
References
Metrics cvssV4_0

{'score': 7.1, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: CERT-PL

Published: 2025-10-23T13:39:44.596Z

Updated: 2025-10-23T14:56:58.978Z

Reserved: 2025-07-08T14:49:12.283Z

Link: CVE-2025-53702

cve-icon Vulnrichment

Updated: 2025-10-23T14:56:53.406Z

cve-icon NVD

Status : Received

Published: 2025-10-23T14:15:39.267

Modified: 2025-10-23T14:15:39.267

Link: CVE-2025-53702

cve-icon Redhat

No data.