CVE-2026-42370
CVE-2026-42370
9.0
CriticalPublished:
Last updated:
Source:0df08a0e-a200-4957-9bb0-084f562506f9
Modified
Weakness (CWE)
CVSS Vector
v3.1- Attack Vector
- Network
- Attack Complexity
- High
- Privileges Required
- None
- User Interaction
- None
- Scope
- Changed
- Confidentiality
- High
- Integrity
- High
- Availability
- High
Description
A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.
References
0df08a0e-a200-4957-9bb0-084f562506f9
https://talosintelligence.com/vulnerability_reports/0df08a0e-a200-4957-9bb0-084f562506f9
https://www.geovision.com.tw/cyber_security.phpaf854a3a-2127-422b-91ae-364da2661108
https://www.talosintelligence.com/vulnerability_reports/TALOS-2026-2369