Lucene search
K

13 matches found

EUVD
EUVD
added 2026/06/26 7:17 a.m.8 views

EUVD-2026-39633

An unauthenticated format string vulnerability exists in vlsvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by improper handling of externally controlled input during log message formatting in the login processing path. A remote attacker may exploit this...

8.6CVSS5.8AI score0.00247EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 7:17 a.m.37 views

CVE-2026-57876 GV-LPC2011/LPC2211 - unauthorized out-of-bounds writing vulnerability (onvif.cgi)

An unauthenticated out-of-bounds write vulnerability exists in onvif.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing HTTP request body data. A remote attacker may exploit this vulnerability by sending a...

7.5CVSS0.00313EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 7:17 a.m.36 views

CVE-2026-57875 GV-LPC2011/LPC2211 - unauthorized null pointer dereference vulnerability in packet parsing

An unauthenticated NULL pointer dereference vulnerability exists in the HTTP request parsing logic of multiple CGI components in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by improper validation of required HTTP request metadata before it is used by the...

7.5CVSS0.01266EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 7:17 a.m.38 views

CVE-2026-57874 GV-LPC2011/LPC2211 - unauthorized buffer overflow vulnerability (IEEE8021x_upload.cgi)

An unauthenticated buffer overflow vulnerability exists in IEEE8021xupload.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when parsing filename values in multipart upload data. A remote attacker may exploit this...

7.5CVSS0.00318EPSS
Exploits0References1
NVD
NVD
added 2026/05/04 1:16 a.m.32 views

CVE-2026-42368

A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to execute priviledged operation. An attacker can visit a webpage to trigger this vulnerability...

9.9CVSS0.00348EPSS
Exploits0References3
NVD
NVD
added 2026/05/04 1:16 a.m.11 views

CVE-2026-7371

Multiple reflected cross-site scripting xss vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this...

7.4CVSS0.00196EPSS
Exploits0References2
NVD
NVD
added 2026/05/04 1:16 a.m.11 views

CVE-2026-42365

A guessable session cookie vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted series of HTTP requests can lead to an authentication bypas. An attacker can bruteforce session cookies to trigger this vulnerability...

8.6CVSS0.00329EPSS
Exploits0References3
CVE
CVE
added 2026/05/04 12:43 a.m.13 views

CVE-2026-7371

GeoVision LPC2011/LPC2211 Web Interface / ssi.cgi is affected by reflected XSS in version 1.10. A attacker can trigger arbitrary JavaScript by providing a crafted URL, with exploitation described as reflected XSS via the error message for non-existing pages. CVSS v3.1 base score 7.4 (HIGH) with N...

7.4CVSS5.9AI score0.00196EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/04 12:42 a.m.6 views

CVE-2026-42366 GeoVision LPC2011/LPC2211 Web Interface / ssi.cgi reflected cross-site scripting (XSS) vulnerabilities

Multiple reflected cross-site scripting xss vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerabili...

7.4CVSS5.9AI score0.00196EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.12 views

GeoVision LPC2011和GeoVision LPC2211 安全漏洞

Both GeoVision LPC2011 and GeoVision LPC2211 are network monitoring control devices produced by the Chinese company GeoVision. Version 1.10 of GeoVision LPC2011 and GeoVision LPC2211 contain security vulnerabilities. These vulnerabilities stem from predictable session cookies within the Web...

8.6CVSS5.8AI score0.00329EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.13 views

PT-2026-36732

Name of the Vulnerable Software and Affected Versions GeoVision LPC2011/LPC2211 version 1.10 Description An OS command injection flaw exists in the 'DdnsSetting.cgi' functionality. A specially crafted DDNS configuration allows an attacker to modify a configuration value to execute arbitrary...

9.9CVSS6.1AI score0.01606EPSS
Exploits0References17
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.10 views

GeoVision LPC2011和GeoVision LPC2211 操作系统命令注入漏洞

Both GeoVision LPC2011 and GeoVision LPC2211 are network monitoring and control devices produced by the Chinese company GeoVision. Versions 1.10 of GeoVision LPC2011 and GeoVision LPC2211 contain a vulnerability related to operating system command injection. This vulnerability stems from the OS...

9.9CVSS6.1AI score0.01606EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.9 views

GeoVision LPC2011和GeoVision LPC2211 跨站脚本漏洞

Both GeoVision LPC2011 and GeoVision LPC2211 are network monitoring control devices produced by the Chinese company GeoVision. Version 1.10 of GeoVision LPC2011 and GeoVision LPC2211 contains a cross-site scripting vulnerability. This vulnerability stems from multiple reflective cross-site script...

7.4CVSS5.7AI score0.00196EPSS
Exploits0References1
Rows per page
Query Builder