3 matches found
CVE-2026-12849
Ge’oVision GV-I/O Box 4E (2.09) has OS command injection vulnerabilities in libNetSetObj.so (e.g., CNetSetObj::m_F_n_Set_Net_Mask) that allow a attacker-supplied netmask to invoke /sbin/ifconfig via system(), reachable through DVRSearch and Network.cgi. TALOS and NVD enumerate multiple CVEs (incl...
EUVD-2026-38650
Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger this vulnerability. libNetSetObj.so is an internal library...
PT-2026-51660
Name of the Vulnerable Software and Affected Versions GeoVision GV-I/O Box 4E version 2.09 Description OS command injection flaws exist in the libNetSetObj.so internal library, which is used to configure the network stack. A remote attacker can execute arbitrary commands by sending a specially...