Skip to main content

Asmanager

1 CVEs product

Monthly

CVE-2026-7841 HIGH This Week

Remote code execution in GeoVision GV-ASWeb 6.2.0 allows authenticated users with System Setting permissions to execute arbitrary commands by bypassing frontend restrictions through crafted HTTP POST requests to the ASWebCommon.srf backend endpoint. This authenticated network-accessible vulnerability achieves full system compromise (confidentiality, integrity, and availability impact) with low attack complexity. No public exploit code or active exploitation confirmed at time of analysis, though EPSS data unavailable for risk contextualization.

Code Injection RCE Asmanager
NVD VulDB
CVSS 3.1
8.8
EPSS
0.4%
EPSS 0% CVSS 8.8
HIGH This Week

Remote code execution in GeoVision GV-ASWeb 6.2.0 allows authenticated users with System Setting permissions to execute arbitrary commands by bypassing frontend restrictions through crafted HTTP POST requests to the ASWebCommon.srf backend endpoint. This authenticated network-accessible vulnerability achieves full system compromise (confidentiality, integrity, and availability impact) with low attack complexity. No public exploit code or active exploitation confirmed at time of analysis, though EPSS data unavailable for risk contextualization.

Code Injection RCE Asmanager
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy