
GeoVision GV-LPC · EUVD-2026-39630

CVE-2026-57874 · HIGH
Classic Buffer Overflow (CWE-120)
2026-06-26 · GV · GHSA-vrjw-2c7c-hhv6
7.5 (CVSS 3.1 · Vendor: GV)

Severity by source

Vendor (GV), primary: 7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

vuln.today AI: 7.5 HIGH

Unauthenticated network-reachable CGI with a low-complexity long-filename trigger gives AV:N/AC:L/PR:N/UI:N; description limits impact to a crash, so A:H with C:N/I:N.

CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 4.0: AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (GV).

CVSS Vector (Vendor: GV)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: None
  • Integrity: None
  • Availability: High

Lifecycle Timeline

Analysis Generated: Jun 26, 2026 - 08:16 (vuln.today)

Description (CVE.org)

An unauthenticated buffer overflow vulnerability exists in IEEE8021x_upload.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when parsing filename values in multipart upload data. A remote attacker may exploit this vulnerability by sending a crafted upload request with overly long input, causing memory corruption and resulting in a denial of service.
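
A bounds-checked way to extract the filename value from a multipart Content-Disposition line, added here as an illustration of the check the description says is missing. It is not GeoVision's code; the function name, status codes and the 64-byte limit are assumptions.

```c
#include <stddef.h>
#include <string.h>

#define UPLOAD_NAME_MAX 64   /* assumed limit; the device's real buffer size is not on the page */

enum fn_status { FN_OK = 0, FN_MISSING = -1, FN_UNTERMINATED = -2,
                 FN_TOO_LONG = -3, FN_BAD_ARG = -4 };

/*
 * Copy the filename="..." value from one Content-Disposition header line of a
 * multipart part into out[out_size]. hdr need not be NUL-terminated: hdr_len
 * bounds every read. An over-long value is rejected rather than truncated or
 * copied, which is the check that CWE-120 code omits (for example strcpy or
 * sscanf("%s") into a fixed-size buffer).
 */
enum fn_status extract_filename(const char *hdr, size_t hdr_len,
                                char *out, size_t out_size)
{
    static const char key[] = "filename=\"";
    const size_t key_len = sizeof(key) - 1;
    const char *start = NULL;

    if (hdr == NULL || out == NULL || out_size == 0)
        return FN_BAD_ARG;
    out[0] = '\0';               /* never leave stale data for the caller */

    /* Bounded search for the key: never read past hdr + hdr_len. */
    for (size_t i = 0; i + key_len <= hdr_len; i++) {
        if (memcmp(hdr + i, key, key_len) == 0) {
            start = hdr + i + key_len;
            break;
        }
    }
    if (start == NULL)
        return FN_MISSING;

    /* Look for the closing quote inside the remaining bytes only. */
    size_t remaining = hdr_len - (size_t)(start - hdr);
    const char *end = memchr(start, '"', remaining);
    if (end == NULL)
        return FN_UNTERMINATED;

    size_t len = (size_t)(end - start);
    if (len >= out_size || len > UPLOAD_NAME_MAX)   /* keep room for the NUL */
        return FN_TOO_LONG;

    memcpy(out, start, len);
    out[len] = '\0';
    return FN_OK;
}
```

A handler built this way would answer FN_TOO_LONG or FN_UNTERMINATED with an HTTP 4xx response instead of continuing to parse the part.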

Analysis (AI)

Denial of service in GeoVision GV-LPC2011 and GV-LPC2211 license-plate-capture devices (firmware V1.12 and earlier) allows remote unauthenticated attackers to crash the device by sending a multipart upload request with an overly long filename to IEEE8021x_upload.cgi. The flaw is a classic stack/heap buffer overflow (CWE-120) with availability-only impact and no confidentiality or integrity loss. …


Attack Chain (AI, derived)

Hypothetical attack flow derived from CVE metadata

  • Access: Reach device web interface
  • Delivery: Send crafted multipart upload to IEEE8021x_upload.cgi
  • Exploit: Overflow filename parsing buffer
  • Execution: Corrupt memory in CGI handler
  • Impact: Crash service, device denial of service

Vulnerability Assessment (AI)

Exploitation: Exploitation requires network reachability to the device's web management interface and the ability to send a multipart/form-data upload request to the IEEE8021x_upload.cgi endpoint with an overly long filename field; that crafted long filename is the trigger condition. …

Risk Assessment: The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, base 7.5 HIGH) reflects a remotely reachable, low-complexity, unauthenticated flaw whose only impact is availability. There is no code execution or data exposure claimed in the description, only memory corruption leading to denial of service. …

Exploit Scenario: An attacker who can reach the device's web interface sends a single crafted HTTP multipart POST to IEEE8021x_upload.cgi with an excessively long filename value, overrunning the parsing buffer and crashing the service. No authentication or user interaction is required, so an attacker scanning for exposed GeoVision devices could repeatedly knock targeted cameras offline. …

Remediation: Apply the updated firmware released by GeoVision for the GV-LPC2011/GV-LPC2211 series as published on the vendor advisory at https://www.geovision.com.tw/cyber_security.php. No exact fixed version is specified in the available data, so confirm the patched build directly with GeoVision (no vendor-released patch version identified at time of analysis). …

Recommended Action (AI)

24 hours: Identify and inventory all GeoVision GV-LPC2011 and GV-LPC2211 devices running firmware V1.12 or earlier; block external network access to the IEEE8021x_upload.cgi endpoint. …
