What is the CVSS score of CVE-2026-7841?

CVE-2026-7841 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.4%.

Which versions of GeoVision GV-ASWeb are affected by CVE-2026-7841?

GeoVision GV-ASWeb 6.2.0 contains a remote code execution vulnerability that allows authenticated administrators to execute arbitrary system commands and achieve full compromise of affected…

GeoVision GV-ASWeb CVE-2026-7841

EUVD-2026-27546 HIGH

Code Injection (CWE-94)

2026-05-06 GV

GHSA-94pq-gp68-xccr

RCE Code Injection

8.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

May 06, 2026 - 07:46 vuln.today

DescriptionNVD

A remote code execution vulnerability exists in Notification Settings on GeoVision GV-ASWeb 6.2.0. An authenticated user with System Setting permissions can execute arbitrary commands on the server by sending a crafted HTTP POST request to the ASWebCommon.srf backend endpoint to bypass the frontend restrictions.

AnalysisAI

Remote code execution in GeoVision GV-ASWeb 6.2.0 allows authenticated users with System Setting permissions to execute arbitrary commands by bypassing frontend restrictions through crafted HTTP POST requests to the ASWebCommon.srf backend endpoint. This authenticated network-accessible vulnerability achieves full system compromise (confidentiality, integrity, and availability impact) with low attack complexity. …

RemediationAI

Within 24 hours: Inventory all GeoVision GV-ASWeb 6.2.0 instances and verify current user accounts with System Setting permissions. Within 7 days: Implement network segmentation to restrict administrative access to the ASWebCommon.srf endpoint, require multi-factor authentication for all System Setting accounts, and audit recent POST requests to this endpoint for suspicious activity. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-7841 vulnerability details – vuln.today

Back

GeoVision GV-ASWeb CVE-2026-7841

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code