Overview
- Description
- Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device.
- Source
- twcert@cert.org.tw
- NVD status
- Awaiting Analysis
- CNA Tags
- unsupported-when-assigned
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Weaknesses
- twcert@cert.org.tw
- CWE-78
Social media
- Hype score
- Not currently trending