CVE-2025-53701 – XSS vulnerability in Vilar VS-IPC1002 IP cameras

CVE ID : CVE-2025-53701

Published : Oct. 23, 2025, 2:15 p.m. | 27 minutes ago

Description : Vilar VS-IPC1002 IP cameras are vulnerable to Reflected XSS (Cross-site Scripting) attacks, because parameters in GET requests sent to /cgi-bin/action endpoint are not sanitized properly, making it possible to target logged in admin users.
The vendor did not respond in any way. Only version 1.1.0.18 was tested, other versions might be vulnerable as well.

Severity: 4.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…