3 matches found
CVE-2024-11120
Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Moreover, this vulnerability has already been exploited by attackers, and we have received relat...
CVE-2024-6047
Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device...
CVE-2024-6047
CVE-2024-6047 affects GeoVision end-of-life devices. A failure to properly filter input enables OS command injection via unauthenticated remote access (e.g., through the /DateSetting.cgi endpoint), allowing arbitrary command execution with high impact (CVE severity rated up to 9.8 by TWCERT/CTW)....