Geovision

Gv-lpc2011 Firmware

6 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.9

CVE-2026-42368

  • EPSS 0.35%
  • Veröffentlicht 04.05.2026 00:45:53
  • Zuletzt bearbeitet 15.06.2026 21:16:53

A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to execute priviledged operation. An attacker can visit a webpage to trigger this vulnerabilit...

6.5

CVE-2026-42367

  • EPSS 0.27%
  • Veröffentlicht 04.05.2026 00:43:37
  • Zuletzt bearbeitet 15.06.2026 21:16:53

A privilege escalation vulnerability exists in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to credentials leak. An attacker can visit a webpage to trigger this vulnerability.

6.1

CVE-2026-7371

  • EPSS 0.2%
  • Veröffentlicht 04.05.2026 00:43:05
  • Zuletzt bearbeitet 05.05.2026 02:39:20

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an arbitrary javascript code execution. An attacker can ...

6.1

CVE-2026-42366

  • EPSS 0.2%
  • Veröffentlicht 04.05.2026 00:42:39
  • Zuletzt bearbeitet 05.05.2026 02:43:57

Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an arbitrary javascript code execution. An attacker can ...

7.5

CVE-2026-42365

  • EPSS 0.33%
  • Veröffentlicht 04.05.2026 00:42:08
  • Zuletzt bearbeitet 15.06.2026 21:16:53

A guessable session cookie vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted series of HTTP requests can lead to an authentication bypas. An attacker can bruteforce session cookies to trigg...

8.8

CVE-2026-42364

  • EPSS 1.61%
  • Veröffentlicht 04.05.2026 00:41:33
  • Zuletzt bearbeitet 15.06.2026 21:16:53

An os command injection vulnerability exists in the DdnsSetting.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted DDNS configuration can lead to arbitrary command execution. An attacker can modify a configuration value to trigg...