Lucene search
K

5 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/06 6:47 a.m.7 views

CVE-2026-7841

A remote code execution vulnerability exists in Notification Settings on GeoVision GV-ASWeb 6.2.0. An authenticated user with System Setting permissions can execute arbitrary commands on the server by sending a crafted HTTP POST request to the ASWebCommon.srf backend endpoint to bypass the fronte...

8.8CVSS6.7AI score0.00593EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/06 6:47 a.m.15 views

CVE-2026-7841

GV-ASWeb 6.2.0 contains a remote code execution via the ASWebCommon.srf backend when an authenticated user with System Setting permissions sends a crafted HTTP POST to bypass frontend restrictions. CVSSv3.1: 8.8 (HIGH), AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. Exploitation status is not provided in t...

8.8CVSS6.7AI score0.00593EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/27 12:0 a.m.13 views

CVE-2025-26264

GeoVision GV-ASWeb with the version 6.1.2.0 or less fixed in 6.2.0, contains a Remote Code Execution RCE vulnerability within its Notification Settings feature. An authenticated attacker with "System Settings" privileges in ASWeb can exploit this flaw to execute arbitrary commands on the server,...

0.19519EPSS
Exploits3References2
CVE
CVE
added 2025/02/27 12:0 a.m.92 views

CVE-2025-26264

Geovision GV-ASWeb (ASManager) versions 6.1.2.0 or earlier are affected by a Remote Code Execution (RCE) vulnerability in the Notification Settings feature. An authenticated attacker with System Settings privileges can exploit this flaw to run arbitrary commands on the server, potentially leading...

8.8CVSS9.1AI score0.19519EPSS
Exploits3References2
GithubExploit
GithubExploit
added 2025/02/26 6:11 p.m.118 views

Exploit for CVE-2025-26264

CVE-2025-26264 CVE-2025-26264 - GeoVision GV-ASWeb with the ve...

8.8CVSS8.5AI score0.19519EPSS
Exploits3
Rows per page
Query Builder