Platform: other
Component: vivotek-ip7137-camera
CVE-2025-66049 describes an information disclosure vulnerability affecting the Vivotek IP7137 camera running firmware version 0200a. This flaw allows unauthorized users with network access to view the camera's live feed without authentication via the RTSP protocol on port 8554, potentially exposing sensitive areas and compromising user privacy. Due to the product reaching its End-of-Life phase, a security patch is not anticipated.
The primary impact of this vulnerability is the unauthorized viewing of live camera footage. An attacker with network access can exploit this flaw to gain visual surveillance of areas covered by the camera, potentially revealing sensitive information or activities. This could be used for malicious purposes such as theft, vandalism, or stalking. The blast radius extends to anyone who could access the network where the camera is deployed. While no direct data exfiltration is possible through this vulnerability, the visual information obtained could be used in conjunction with other attacks or for reconnaissance purposes. The lack of authentication makes this vulnerability particularly concerning, as it requires minimal effort to exploit.
This vulnerability is not currently listed on the CISA KEV catalog. The EPSS score is likely to be low to medium, reflecting the need for network access to exploit the vulnerability, but the potential impact of unauthorized surveillance is significant. Public proof-of-concept exploits are not currently known, but the simplicity of the vulnerability suggests that they may emerge. The vulnerability was publicly disclosed on 2026-01-09.
Exploit Status
EPSS: 0.07% (22nd percentile)
Given that a security patch is not expected from the vendor due to the product's End-of-Life status, mitigation strategies should focus on network segmentation and access control. Isolate the IP7137 camera on a separate VLAN with restricted access. Implement firewall rules to block external access to port 8554 and only allow connections from trusted internal IP addresses. Consider disabling the RTSP service entirely if it is not essential. Regularly monitor network traffic for suspicious activity. Since a patch is unavailable, a rollback to a previous firmware version is not possible. Carefully evaluate the risks associated with continuing to use this device and consider replacing it with a supported model.
Given that the product has reached its end-of-life and an update is not expected, the only solution is to discontinue the use of the camera or isolate it on a segmented network without internet access to mitigate the risk of unauthorized access to the video stream. Consider replacing the camera with a more recent model with updated security support.
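The allow-list and monitoring advice above can be checked against flow records. The following is an added example, not code from the vendor or from this advisory: it flags any connection to the camera's port 8554 whose source is not an approved viewer. The camera address, the approved viewer, the internal range and the four-field record format are all assumptions, and the sample records are constructed.

```python
import ipaddress

RTSP_PORT = 8554                                    # RTSP port named in the advisory
CAMERA = ipaddress.ip_address("10.20.30.40")        # assumed camera address
ALLOWED = {ipaddress.ip_address("10.20.0.5")}       # assumed approved viewer (e.g. an NVR)
INTERNAL = [ipaddress.ip_network("10.20.0.0/16")]   # assumed internal address space

# Constructed sample records, one per line: "timestamp src_ip dst_ip dst_port"
SAMPLE_FLOWS = """\
2026-01-12T08:00:01Z 10.20.0.5 10.20.30.40 8554
2026-01-12T08:03:17Z 10.20.7.99 10.20.30.40 8554
2026-01-12T08:04:02Z 203.0.113.25 10.20.30.40 8554
2026-01-12T08:05:44Z 10.20.7.99 10.20.30.40 80
2026-01-12T08:06:10Z 10.20.0.5 10.20.30.41 8554
malformed line
"""


def audit_flows(text):
    """Return (findings, skipped).

    findings: (timestamp, source, origin) for every flow to CAMERA:RTSP_PORT
    from a source that is not in ALLOWED. origin is "internal" when the source
    is inside INTERNAL (segmentation gap) and "external" otherwise
    (perimeter rule missing). skipped counts unparseable records.
    """
    findings, skipped = [], 0
    for line in text.splitlines():
        if not line.strip():
            continue
        try:
            ts, src, dst, port = line.split()
            src = ipaddress.ip_address(src)
            dst = ipaddress.ip_address(dst)
            port = int(port)
        except ValueError:          # wrong field count, bad address or bad port
            skipped += 1
            continue
        if dst != CAMERA or port != RTSP_PORT or src in ALLOWED:
            continue
        origin = "internal" if any(src in net for net in INTERNAL) else "external"
        findings.append((ts, str(src), origin))
    return findings, skipped


if __name__ == "__main__":
    hits, bad = audit_flows(SAMPLE_FLOWS)
    for ts, src, origin in hits:
        print(f"{ts} unapproved {origin} source {src} -> {CAMERA}:{RTSP_PORT}")
    print(f"{bad} record(s) skipped as unparseable")
```

Any "external" finding means the firewall rule for port 8554 is not in effect; an "internal" finding means the camera VLAN is reachable from hosts that should not see it.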
CVE-2025-66049 is a vulnerability in the Vivotek IP7137 camera (firmware 0200a) allowing unauthorized viewing of live camera footage via RTSP without authentication.
You are affected if you are using a Vivotek IP7137 camera with firmware version 0200a and it is accessible from a network where unauthorized users may be present.
A security patch is not expected due to the product's End-of-Life status. Mitigate by isolating the camera on a separate VLAN, restricting access to port 8554, and considering disabling the RTSP service.
There are currently no reports of active exploitation, but the simplicity of the vulnerability suggests it may be targeted in the future.
The vendor has not released an advisory. Monitor security news sources for updates.