GeoHttpServer, when configured to authenticate users, allows remote attackers to bypass authentication and access unauthorized files via a URL that contains %0a%0a (encoded newlines).
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| geovision | geohttpserver | * |
The sysinfo script in GeoHttpServer allows remote attackers to cause a denial of service (crash) via a long pwd parameter, possibly triggering a buffer overflow.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| geovision | geohttpserver | * |
GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0, when set to create JPEG images, does not properly protect an image even when a password and username is assigned, which may allow remote attackers to gain sensitive information via a direct request to the image.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| geovision | digital_surveillance_system | 6.0.4 |
| geovision | digital_surveillance_system | 7.0 |
| geovision | digital_surveillance_system | 6.1 |
GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0 uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via sniffing.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| geovision | digital_surveillance_system | 6.0.4 |
| geovision | digital_surveillance_system | 7.0 |
| geovision | digital_surveillance_system | 6.1 |
Directory traversal vulnerability in geohttpserver in Geovision Digital Video Surveillance System 8.2 allows remote attackers to read arbitrary files via a .. (dot dot) in a GET request.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| geovision | digital_surveillance_system | 8.2 |
A vulnerability of remote credential disclosure was discovered in Advan VD-1 firmware versions up to 230. An attacker can export system configuration which is not encrypted to get the administrator’s account and password in plain text via cgibin/ExportSettings.cgi?Export=1 without any authentication.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| geovision | gv-vr360_firmware | * |
| geovision | gv-vd8700_firmware | * |
| androvideo | vd_1_firmware | * |
A XSS found in Advan VD-1 firmware versions up to 230. VD-1 responses a path error message when a requested resource was not found in page cgibin/ssi.cgi. It leads to a reflected XSS because the error message does not escape properly.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| geovision | gv-vr360_firmware | * |
| geovision | gv-vd8700_firmware | * |
| androvideo | vd_1_firmware | * |
A relative path traversal vulnerability found in Advan VD-1 firmware versions up to 230. It allows attackers to download arbitrary files via url cgibin/ExportSettings.cgi?Download=filepath, without any authentication.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-23,CWE-22,CWE-862,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| geovision | gv-vr360_firmware | * |
| geovision | gv-vd8700_firmware | * |
| androvideo | vd_1_firmware | * |
GeoVision Door Access Control device family improperly stores and controls access to system logs, any users can read these logs.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| twcert@cert.org.tw | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-532,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| geovision | gv-gf192x_firmware | 1.10 |
Buffer overflow exists in Geovision Door Access Control device family, an unauthenticated remote attacker can execute arbitrary command.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| twcert@cert.org.tw | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-120,CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| geovision | gv-as410_firmware | * |
| geovision | gv-as210_firmware | * |
| geovision | gv-as810_firmware | * |
| geovision | gv-gf1921_firmware | * |
| geovision | gv-gf1922_firmware | * |
| geovision | gv-as1010_firmware | * |
GV-ASManager V6.0.1.0 contains a Local File Inclusion vulnerability in GeoWebServer via Path.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| geovision | gv-asmanager | 6.0.1.0 |
An issue was discovered in GeoVision GV-Edge Recording Manager 2.2.3.0 for windows, which contains improper permissions within the default installation and allows attackers to execute arbitrary code and gain escalated privileges.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| geovision | gv-edge_recording_manager | 2.2.3.0 |
In GeoVision GV-ADR2701 cameras, an attacker could edit the login response to access the web application.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| ics-cert@hq.dhs.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| geovision | gv-adr2701_firmware | 1.00_2017_12_15 |
Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Moreover, this vulnerability has already been exploited by attackers, and we have received related reports.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| twcert@cert.org.tw | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| geovision | gv-vs12_firmware | - |
| geovision | gv-vs11_firmware | - |
| geovision | gvlx_4_firmware | - |
| geovision | gv-dsp_lpr_firmware | - |
GeoVision GV-ASManager Missing Authorization Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of GeoVision GV-ASManager. Although authentication is required to exploit this vulnerability, default guest credentials may be used. The specific flaw exists within the GV-ASWeb service. The issue results from the lack of authorization prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-25394.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| geovision | gv-asmanager | 6.1.0 |
Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| twcert@cert.org.tw | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| geovision | gv-vs2820_firmware | - |
| geovision | gv-vs21600_firmware | - |
| geovision | gv-vs04a_firmware | - |
| geovision | gv-vs04h_firmware | - |
| geovision | gv_ipcamd_gv_efd1100_firmware | - |
| geovision | gv_ipcamd_gv_ebl1100_firmware | - |
| geovision | gv_vs04a_firmware | - |
| geovision | gv-vs03_firmware | - |
| geovision | gv-bx130_firmware | - |
| geovision | gv-vs14_firmware | - |
| geovision | gv_ipcamd_gv_fd2410_firmware | - |
| geovision | gv-ebl1100_firmware | - |
| geovision | gv-gm8186_vs14_firmware | - |
| geovision | gv_vs2410_firmware | - |
| geovision | gv-fd2410_firmware | - |
| geovision | gv_vs04h_firmware | - |
| geovision | gv_gm8186_vs14_firmware | - |
| geovision | gvlx_4_firmware | - |
| geovision | gv-dsp_lpr_firmware | - |
| geovision | gv_ipcamd_gv_fe420_firmware | - |
| geovision | gv-fe3401_firmware | - |
| geovision | gv-vs2410_firmware | - |
| geovision | gv_vs216xx_firmware | - |
| geovision | gv-efd1100_firmware | - |
| geovision | gv_ipcamd_gv_bx130_firmware | - |
| geovision | gv_ipcamd_gv_fe3401_firmware | - |
| geovision | gv-vs2800_firmware | - |
| geovision | gv_ipcamd_gv_bx1500_firmware | - |
| geovision | gv_ipcamd_gv_fd3400_firmware | - |
| geovision | gv-cb220_firmware | - |
| geovision | gv_vs28xx_firmware | - |
| geovision | gv-fd3400_firmware | - |
| geovision | gv_ipcamd_gv_cb220_firmware | - |
| geovision | gv-bx1500_firmware | - |
| geovision | gv-fe420_firmware | - |
| geovision | gv_vs03_firmware | - |
| geovision | gv-vs14_vs14_firmware | - |