GeoVision GV-IP Device Utility Device Authentication insufficient encryption vulnerability

Summary A insufficient encryption vulnerability exists in the Device Authentication functionality of GV-IP Device Utility versions: 9.0.5. A specially crafted network sniffing can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. Confirmed...

CVE-2026-42363

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...

CVE-2026-7161

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...

CVE-2026-7161 GeoVision GV-IP Device Utility Device Authentication insufficient encryption vulnerability

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...

CVE-2026-7161 GeoVision GV-IP Device Utility Device Authentication insufficient encryption vulnerability

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...

EUVD-2026-26862

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...

GeoVision GV-IP Device Utility 安全漏洞

The GeoVision GV-IP Device Utility is a network configuration tool developed by the Chinese company GeoVision, designed for discovering and managing IP monitoring devices. Version 9.0.5 of the GeoVision GV-IP Device Utility contains a security vulnerability. This vulnerability stems from...

GeoVision GV-IP Device Utility 安全漏洞

The GeoVision GV-IP Device Utility is a network configuration tool developed by the Chinese company GeoVision, designed for discovering and managing IP monitoring devices. Version 9.0.5 of the GeoVision GV-IP Device Utility contains a security vulnerability. This vulnerability stems from...

CVE-2026-42363 GeoVision GV-IP Device Utility Device Authentication insufficient encryption vulnerability

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...

CVE-2026-42363 GeoVision GV-IP Device Utility Device Authentication insufficient encryption vulnerability

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...

CVE-2026-42363

CVE-2026-42363 affects GeoVision GV-IP Device Utility 9.0.5. The Device Authentication flow encrypts credentials using a protocol resembling Blowfish, but the symmetric key is included in the packet, making confidentiality rely on obscurity. When admin users interact with devices, credentials may...