CVE-2026-35718

Published: Jun 2, 2026

Modified: Jun 3, 2026

PUBLISHED

Description

A path traversal vulnerability in the /admin/downloadMedias.cgi endpoint of VIVOTEK INC FD8136-VVTK firmware 0300a allows authenticated attackers to read any file on the device via sending a crafted request.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://vivotek.com

https://github.com/xchg-rax-rax/vulnerability-research/tree/main/CVE-2026-35718

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-35718

Description

Affected Products

References