Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Remote unauthenticated malformed request needs no privileges or interaction (AV:N/AC:L/PR:N/UI:N); a NULL deref crash impacts only availability (A:H), with no C/I impact.
Primary rating from Vendor (GV).
CVSS Vector (Vendor: GV)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description (CVE.org)
An unauthenticated NULL pointer dereference vulnerability exists in IEEE8021x_upload.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by improper validation of multipart upload headers when processing certificate-related upload fields. A remote attacker may exploit this vulnerability by sending a malformed multipart request, causing the affected CGI process to crash and resulting in a denial of service.
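The failure mode described above, as an added example (not code from this page or from GeoVision firmware): a hypothetical C routine that extracts the `name` parameter from a multipart part's Content-Disposition header, first in the unchecked form that leads to a NULL pointer dereference and then with every lookup validated. The function names and sample headers are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical unchecked pattern (CWE-476): if name=" is absent, strstr()
 * returns NULL and strchr() then dereferences an invalid pointer. */
size_t field_name_unchecked(const char *hdrs, char *out)
{
    const char *start = strstr(hdrs, "name=\"") + 6;
    const char *end = strchr(start, '"');
    memcpy(out, start, (size_t)(end - start));
    out[end - start] = '\0';
    return (size_t)(end - start);
}

/* Hardened form: 0 on success, -1 on any malformed part header, so the
 * CGI can reject the request (e.g. HTTP 400) instead of crashing. */
int field_name_checked(const char *hdrs, char *out, size_t outlen)
{
    static const char key[] = "name=\"";
    const char *cd, *eol, *start, *end;
    size_t len;
    if (!hdrs || !out || outlen == 0) return -1;
    if (!(cd = strstr(hdrs, "Content-Disposition:"))) return -1;
    if (!(eol = strstr(cd, "\r\n"))) return -1;      /* unterminated line */
    /* Find name=" on this line, skipping the match inside filename=" */
    for (start = strstr(cd, key); start && start < eol;
         start = strstr(start + 1, key))
        if (start[-1] == ' ' || start[-1] == ';') break;
    if (!start || start >= eol) return -1;           /* no name parameter */
    start += sizeof key - 1;
    end = memchr(start, '"', (size_t)(eol - start));
    if (!end) return -1;                             /* no closing quote */
    len = (size_t)(end - start);
    if (len == 0 || len >= outlen) return -1;        /* empty or too long */
    memcpy(out, start, len);
    out[len] = '\0';
    return 0;
}

int main(void)
{
    /* Constructed sample part headers, not captured traffic. */
    const char *ok = "Content-Disposition: form-data; name=\"ca_cert\"; filename=\"ca.pem\"\r\n\r\n";
    const char *bad = "Content-Disposition: form-data\r\n\r\n";
    char name[32];
    printf("ok=%d bad=%d\n", field_name_checked(ok, name, sizeof name),
           field_name_checked(bad, name, sizeof name));
    return 0;
}
```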
Analysis (AI)
Denial of service in GeoVision GV-LPC2011 and GV-LPC2211 license plate cameras (firmware V1.12 and earlier) lets remote unauthenticated attackers crash the IEEE8021x_upload.cgi process by sending a malformed multipart upload request, triggering a NULL pointer dereference (CWE-476). The high availability impact (CVSS 7.5, A:H) means the device's 802.1x certificate-upload functionality - and potentially the management interface - becomes unavailable until the process or device restarts. …
Vulnerability Assessment (AI)
| Aspect | Assessment |
| --- | --- |
| Exploitation | Exploitation requires only network reachability to the device's web service and the ability to send an HTTP POST to the IEEE8021x_upload.cgi endpoint; the specific trigger is a malformed multipart/form-data request with missing or invalid headers in the certificate-related upload fields. … |
| Risk Assessment | Signals are largely consistent and point to a genuine but bounded DoS risk. … |
| Exploit Scenario | An attacker with network reachability to an exposed GV-LPC2011/2211 camera sends a crafted malformed multipart/form-data POST to IEEE8021x_upload.cgi omitting or corrupting an expected certificate-field header, causing a NULL pointer dereference that crashes the CGI process. Repeating the request keeps the certificate-upload/management function unavailable. … |
| Remediation | Consult GeoVision's security advisory at https://www.geovision.com.tw/cyber_security.php and upgrade affected GV-LPC2011/GV-LPC2211 devices to a firmware release newer than V1.12 once published; the input data does not specify an exact fixed firmware version, so treat the patched build as 'patch available per vendor advisory' and confirm the version directly with GeoVision before deploying. … |
Recommended Action (AI)
Within 24 hours: Identify all GeoVision GV-LPC2011 and GV-LPC2211 cameras and verify firmware versions; immediately restrict network access to these devices to trusted administrative subnets. …
EUVD-2026-39629
GHSA-8vq6-q3wm-j729