4 matches found
CVE-2026-57878
An unauthenticated stack-based buffer overflow vulnerability exists in thttpd in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing web request parameters in a specific request path. A remote attacker may exploit this...
CVE-2026-57872
An unauthenticated directory traversal vulnerability exists in getfcont.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient validation of user-supplied file path input before the requested file is accessed by the CGI component. A remote attack...
CVE-2026-57877 GV-LPC2011/LPC2211 - unauthorized format string vulnerability (vlsvr)
An unauthenticated format string vulnerability exists in vlsvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by improper handling of externally controlled input during log message formatting in the login processing path. A remote attacker may exploit this...
CVE-2026-57876
The CVE-2026-57876 entry describes an unauthenticated out-of-bounds write in GeoVision GV-LPC2011/LPC2211 devices (onvif.cgi), affected firmware versions ≤ V1.12. The issue stems from insufficient bounds checking on HTTP request body data, allowing a remote attacker to send crafted input that cau...