Skip to main content

Geowebplayer

18 CVEs product

Monthly

CVE-2026-57278 HIGH This Week

Buffer overflow in GeoVision's GeoWebPlayer addon (also branded "Web Plugin" in GV-VMS and "WS Player" in VMS-Cloud) allows memory corruption and likely code execution in the local WebSocket server process. The `handle_connection_info` handler for the `connectionInfo` command copies attacker-controlled JSON strings (including the `ip` field) into fixed-size stack/heap buffers using unbounded byte-by-byte loops, so an oversized value overruns the buffer. Because the WebSocket server binds to localhost, exploitation is realistically driven by luring an authenticated user's browser to a malicious page that issues the command; no public exploit is identified at time of analysis and it is not listed in CISA KEV.

Buffer Overflow Geowebplayer
NVD
CVSS 3.1
8.3
EPSS
0.3%
CVE-2026-57277 HIGH This Week

Stack buffer overflow in GeoVision's GeoWebPlayer addon (also branded "Web Plugin" for GV-VMS and "WS Player" for VMS-Cloud) lets an attacker corrupt fixed-size buffers and potentially achieve code execution against users of GV-VMS, GV-Cloud and related GeoVision products. The flaw lives in the local WebSocket server's connectionInfo command handler, which copies attacker-controlled JSON strings byte-by-byte without length checks; because a malicious web page loaded in the victim's browser can drive that local WebSocket, exploitation is scored network-reachable (CVSS 8.3) but requires user interaction and high attack complexity. No public exploit is identified at time of analysis, though the issue was reported by Cisco Talos, which typically develops proof-of-concept material.

Buffer Overflow Geowebplayer
NVD
CVSS 3.1
8.3
EPSS
0.3%
CVE-2026-57276 HIGH This Week

Remote code execution in GeoVision GeoWebPlayer (the browser-facing 'Web Plugin'/'WS Player' addon bundled with GV-VMS, GV-Cloud and related products) is possible because the local WebSocket server's connectionInfo handler copies attacker-controlled JSON fields into fixed-size buffers with unchecked byte-by-byte loops. A remote attacker who lures a user to a malicious web page can drive the victim's browser to send an oversized password field to the localhost WebSocket, overflowing the buffer and achieving code execution (CVSS 8.3). There is no public exploit identified at time of analysis, and the flaw is not listed in CISA KEV.

Buffer Overflow Geowebplayer
NVD
CVSS 3.1
8.3
EPSS
0.3%
CVE-2026-57275 HIGH This Week

Cross-site WebSocket-driven buffer overflow in GeoVision GeoWebPlayer (the 'Web Plugin'/'WS Player' addon bundled with GV-VMS, GV-Cloud and VMS-Cloud) lets an attacker reach the localhost WebSocket server and overflow fixed-size buffers via the `connectionInfo` command's username field, achieving memory corruption and likely code execution (CVSS 8.3, CWE-120). Because the server listens on localhost, exploitation is reached through a victim's browser visiting a malicious page (UI:R, AC:H), giving high confidentiality, integrity and availability impact with a scope change. There is no public exploit identified at time of analysis and it is not in CISA KEV, but the flaw was independently documented by Cisco Talos (TALOS-2026-2375).

Buffer Overflow Geowebplayer
NVD
CVSS 3.1
8.3
EPSS
0.3%
CVE-2026-57274 HIGH This Week

Buffer overflow vulnerabilities in GeoVision's GeoWebPlayer WebSocket addon (CWE-120) allow a remote attacker to induce code execution by luring a user running the addon into visiting a malicious webpage that sends a crafted `connectionInfo` WebSocket command with an oversized password field to the locally-listening service. The unbounded manual byte-by-byte copy in `handle_connection_info` overwrites adjacent memory, potentially yielding full process compromise across all impact dimensions (C:H/I:H/A:H). Reported by Cisco Talos (TALOS-2026-2375) and acknowledged by GeoVision; no public exploit code or CISA KEV listing identified at time of analysis.

Buffer Overflow Geowebplayer
NVD
CVSS 3.1
8.3
EPSS
0.3%
CVE-2026-57273 HIGH This Week

Remote code execution in GeoVision GeoWebPlayer (the "Web Plugin"/"WS Player" addon bundled with GV-VMS, GV-Cloud and VMS-Cloud) is possible because the addon's localhost WebSocket server processes a 'connectionInfo' command whose handler copies attacker-supplied JSON strings into fixed-size buffers without bounds checks (CWE-120). Because the WebSocket is reachable via the victim's browser (AV:N), a malicious web page can drive the overflow when a user with the addon installed visits it (UI:R), yielding memory corruption with high confidentiality, integrity and availability impact and a scope change. No public exploit identified at time of analysis, though Cisco Talos has published a detailed report (TALOS-2026-2375); no EPSS or CISA KEV data was provided.

Buffer Overflow Geowebplayer
NVD
CVSS 3.1
8.3
EPSS
0.3%
CVE-2026-57272 HIGH This Week

Out-of-bounds array access in GeoVision's GeoWebPlayer add-on (also branded 'Web Plugin' for GV-VMS and 'WS Player' for VMS-Cloud) lets an attacker abuse the 'byPass' WebSocket command by supplying an unchecked 'index' value, corrupting memory to achieve high-impact compromise (CVSS 8.3). The bundled component runs a local WebSocket server for GeoVision web interfaces (GV-VMS, GV-Cloud); because the server is reachable from a victim's browser, a malicious web page can drive the flaw with only user interaction and no authentication. No public exploit identified at time of analysis, though a Talos vulnerability report (TALOS-2026-2373) documents the issue.

Authentication Bypass Geowebplayer
NVD
CVSS 3.1
8.3
EPSS
0.2%
CVE-2026-57271 HIGH This Week

Out-of-bounds array indexing in GeoVision's GeoWebPlayer addon (also branded 'Web Plugin' in GV-VMS and 'WS Player' in VMS-Cloud) allows a remote attacker to leak memory or crash the local WebSocket service by delivering a malformed 'pause' command. The addon runs a WebSocket server that backs the browser interfaces of GeoVision products such as GV-VMS and GV-Cloud, so any browser tricked into connecting to it can trigger the flaw. No public exploit identified at time of analysis; the issue was reported by the vendor (GeoVision) and documented by Cisco Talos (TALOS-2026-2373).

Information Disclosure Geowebplayer
NVD
CVSS 3.1
8.3
EPSS
0.2%
CVE-2026-57270 HIGH This Week

Out-of-bounds array access in GeoVision GeoWebPlayer (a.k.a. "Web Plugin"/"WS Player"), a websocket-server addon bundled with GV-VMS, GV-Cloud and related GeoVision software, lets an attacker who lures a victim to a malicious web page reach the localhost websocket and supply an unvalidated `index` to leak memory and corrupt state (CWE-129). The play command in particular accepts an attacker-controlled index used to index internal arrays without a range check, enabling information disclosure and potential code-path corruption. No public exploit identified at time of analysis and the issue is not in CISA KEV, but the vendor has published a security advisory and Talos has released a detailed report.

Information Disclosure Geowebplayer
NVD
CVSS 3.1
8.3
EPSS
0.2%
CVE-2026-57269 HIGH This Week

Out-of-bounds array access in GeoVision's GeoWebPlayer (a.k.a. 'Web Plugin' / 'WS Player') addon lets an attacker read memory, corrupt state, or crash the local WebSocket helper bundled with GV-VMS, GV-Cloud, and related surveillance software. The plugin's localhost WebSocket server processes commands (such as 'disconnect') that carry an attacker-controlled 'index' used to dereference internal arrays without bounds checking (CWE-129), yielding high confidentiality, integrity, and availability impact. The CVSS 3.1 vector (AV:N/UI:R/S:C) reflects a cross-origin browser-driven vector where a victim lured to a malicious page has their browser relay commands to the local WebSocket; there is no public exploit identified at time of analysis and no CISA KEV listing.

Information Disclosure Geowebplayer
NVD
CVSS 3.1
8.3
EPSS
0.2%
CVE-2026-57268 HIGH This Week

Out-of-bounds array access in GeoVision's GeoWebPlayer addon (also branded 'Web Plugin' in GV-VMS and 'WS Player' in VMS-Cloud) can lead to remote code execution when the addon's localhost WebSocket server processes a saveVideo command with an attacker-controlled index. Because the addon ships with widely-used GeoVision products (GV-VMS, GV-Cloud) and is reachable from a victim's browser via a malicious web page, a lured user visiting attacker-controlled content can trigger an out-of-bounds function-pointer call. This is a Talos-reported (TALOS-2026-2373) issue with no public exploit identified at time of analysis and is not listed in CISA KEV.

RCE Geowebplayer
NVD
CVSS 3.1
8.3
EPSS
0.3%
CVE-2026-57267 HIGH This Week

Out-of-bounds array access in GeoVision's GeoWebPlayer (the 'Web Plugin'/'WS Player' addon bundled with GV-VMS, GV-Cloud and related software) lets an attacker abuse the local WebSocket server's snapshot command by supplying an unchecked 'index' value that indexes arrays beyond their bounds. Because the CVSS vector is AV:N/UI:R with a scope change, a victim who visits a malicious web page can have their browser drive the localhost WebSocket into out-of-bounds reads/writes, yielding information disclosure and potential memory corruption (C:H/I:H/A:H). There is no public exploit identified at time of analysis, and it is not listed in CISA KEV.

Information Disclosure Geowebplayer
NVD
CVSS 3.1
8.3
EPSS
0.2%
CVE-2026-57266 HIGH This Week

Out-of-bounds array access in GeoVision's GeoWebPlayer addon (also branded 'Web Plugin' in GV-VMS and 'WS Player' for VMS-Cloud) lets an attacker corrupt memory or leak sensitive data by sending a 2wayAudio WebSocket command with an unchecked index value. The addon runs a localhost WebSocket server that expands GeoVision web interfaces, and its command handlers use caller-supplied index values to index internal arrays without validating their range. Reported by GeoVision and Talos (TALOS-2026-2373); no public exploit identified at time of analysis, and it is not listed in CISA KEV.

Information Disclosure Geowebplayer
NVD
CVSS 3.1
8.3
EPSS
0.2%
CVE-2026-57265 HIGH This Week

Memory-disclosure and denial-of-service in GeoVision's GeoWebPlayer (also branded 'Web Plugin' in GV-VMS and 'WS Player' in VMS-Cloud) stems from an unvalidated `index` parameter in its localhost WebSocket command handler (audio command path), letting an attacker read and act on out-of-bounds array elements. Because the WebSocket listener is reachable cross-origin, a victim who is lured to a malicious web page can have their browser drive the local service, so the effective attack vector is network-based despite the server binding to localhost. No public exploit code is identified at time of analysis, though a Cisco Talos advisory (TALOS-2026-2373) documents the flaw; it is not listed in CISA KEV.

Information Disclosure Geowebplayer
NVD
CVSS 3.1
8.3
EPSS
0.2%
CVE-2026-57264 HIGH This Week

Out-of-bounds array access in GeoVision's GeoWebPlayer (also branded 'Web Plugin' in GV-VMS and 'WS Player' in VMS-Cloud) lets an attacker corrupt or read process memory by sending crafted WebSocket commands to the localhost server the addon exposes. The specific 'setPIP' command accepts an attacker-controlled 'index' that is used to index internal arrays without range validation, yielding information disclosure and potential memory corruption. There is no public exploit identified at time of analysis, though a Cisco Talos technical report (TALOS-2026-2373) documents the flaw; it is not listed in CISA KEV and no EPSS score is provided.

Information Disclosure Geowebplayer
NVD
CVSS 3.1
8.3
EPSS
0.2%
CVE-2026-13132 HIGH This Week

Out-of-bounds array access in GeoVision's GeoWebPlayer (also branded 'Web Plugin' in GV-VMS and 'WS Player' in VMS-Cloud) lets an attacker abuse the addon's localhost WebSocket server via a crafted 'setStream' command whose attacker-controlled 'index' is used to index arrays without range validation (CWE-129), enabling memory disclosure and possible corruption. Because a victim's browser can be steered into connecting to the local WebSocket service, the vendor rates this AV:N/UI:R (CVSS 8.3) - a remote web page can pivot to the local service after the user visits it. No public exploit is identified at time of analysis and it is not in CISA KEV, so this is not confirmed as actively exploited.

Information Disclosure Geowebplayer
NVD
CVSS 3.1
8.3
EPSS
0.2%
CVE-2026-13131 HIGH This Week

Out-of-bounds array access in GeoVision GeoWebPlayer (the "Web Plugin"/"WS Player" addon bundled with GV-VMS, GV-Cloud and related software) lets a remote attacker corrupt memory via the local WebSocket server's connectInfo command. Because the server trusts an attacker-supplied index without range validation, a victim lured to a malicious web page can trigger high-impact confidentiality, integrity and availability effects (CVSS 8.3, scope-changed). No public exploit identified at time of analysis; the flaw was reported by the vendor (GV) and documented by Cisco Talos.

Information Disclosure Geowebplayer
NVD
CVSS 3.1
8.3
EPSS
0.2%
CVE-2026-13125 HIGH This Week

Missing authentication in GeoVision's GeoWebPlayer addon (also branded 'Web Plugin' in GV-VMS and 'WS Player' in VMS-Cloud) lets any web page reach a locally-bound, unauthenticated WebSocket server and invoke sensitive APIs. By chaining the `create` method with `getScreenCapture`, a remote attacker who lures a victim to a malicious site can silently exfiltrate the contents of the user's screen. No public exploit identified at time of analysis, and the flaw is not on the CISA KEV list; CVSS is 8.8 driven by network reach and a scope change into the browsing user's data.

Authentication Bypass Geowebplayer
NVD
CVSS 3.1
8.8
EPSS
0.2%
EPSS 0% CVSS 8.3
HIGH This Week

Buffer overflow in GeoVision's GeoWebPlayer addon (also branded "Web Plugin" in GV-VMS and "WS Player" in VMS-Cloud) allows memory corruption and likely code execution in the local WebSocket server process. The `handle_connection_info` handler for the `connectionInfo` command copies attacker-controlled JSON strings (including the `ip` field) into fixed-size stack/heap buffers using unbounded byte-by-byte loops, so an oversized value overruns the buffer. Because the WebSocket server binds to localhost, exploitation is realistically driven by luring an authenticated user's browser to a malicious page that issues the command; no public exploit is identified at time of analysis and it is not listed in CISA KEV.

Buffer Overflow Geowebplayer
NVD
EPSS 0% CVSS 8.3
HIGH This Week

Stack buffer overflow in GeoVision's GeoWebPlayer addon (also branded "Web Plugin" for GV-VMS and "WS Player" for VMS-Cloud) lets an attacker corrupt fixed-size buffers and potentially achieve code execution against users of GV-VMS, GV-Cloud and related GeoVision products. The flaw lives in the local WebSocket server's connectionInfo command handler, which copies attacker-controlled JSON strings byte-by-byte without length checks; because a malicious web page loaded in the victim's browser can drive that local WebSocket, exploitation is scored network-reachable (CVSS 8.3) but requires user interaction and high attack complexity. No public exploit is identified at time of analysis, though the issue was reported by Cisco Talos, which typically develops proof-of-concept material.

Buffer Overflow Geowebplayer
NVD
EPSS 0% CVSS 8.3
HIGH This Week

Remote code execution in GeoVision GeoWebPlayer (the browser-facing 'Web Plugin'/'WS Player' addon bundled with GV-VMS, GV-Cloud and related products) is possible because the local WebSocket server's connectionInfo handler copies attacker-controlled JSON fields into fixed-size buffers with unchecked byte-by-byte loops. A remote attacker who lures a user to a malicious web page can drive the victim's browser to send an oversized password field to the localhost WebSocket, overflowing the buffer and achieving code execution (CVSS 8.3). There is no public exploit identified at time of analysis, and the flaw is not listed in CISA KEV.

Buffer Overflow Geowebplayer
NVD
EPSS 0% CVSS 8.3
HIGH This Week

Cross-site WebSocket-driven buffer overflow in GeoVision GeoWebPlayer (the 'Web Plugin'/'WS Player' addon bundled with GV-VMS, GV-Cloud and VMS-Cloud) lets an attacker reach the localhost WebSocket server and overflow fixed-size buffers via the `connectionInfo` command's username field, achieving memory corruption and likely code execution (CVSS 8.3, CWE-120). Because the server listens on localhost, exploitation is reached through a victim's browser visiting a malicious page (UI:R, AC:H), giving high confidentiality, integrity and availability impact with a scope change. There is no public exploit identified at time of analysis and it is not in CISA KEV, but the flaw was independently documented by Cisco Talos (TALOS-2026-2375).

Buffer Overflow Geowebplayer
NVD
EPSS 0% CVSS 8.3
HIGH This Week

Buffer overflow vulnerabilities in GeoVision's GeoWebPlayer WebSocket addon (CWE-120) allow a remote attacker to induce code execution by luring a user running the addon into visiting a malicious webpage that sends a crafted `connectionInfo` WebSocket command with an oversized password field to the locally-listening service. The unbounded manual byte-by-byte copy in `handle_connection_info` overwrites adjacent memory, potentially yielding full process compromise across all impact dimensions (C:H/I:H/A:H). Reported by Cisco Talos (TALOS-2026-2375) and acknowledged by GeoVision; no public exploit code or CISA KEV listing identified at time of analysis.

Buffer Overflow Geowebplayer
NVD
EPSS 0% CVSS 8.3
HIGH This Week

Remote code execution in GeoVision GeoWebPlayer (the "Web Plugin"/"WS Player" addon bundled with GV-VMS, GV-Cloud and VMS-Cloud) is possible because the addon's localhost WebSocket server processes a 'connectionInfo' command whose handler copies attacker-supplied JSON strings into fixed-size buffers without bounds checks (CWE-120). Because the WebSocket is reachable via the victim's browser (AV:N), a malicious web page can drive the overflow when a user with the addon installed visits it (UI:R), yielding memory corruption with high confidentiality, integrity and availability impact and a scope change. No public exploit identified at time of analysis, though Cisco Talos has published a detailed report (TALOS-2026-2375); no EPSS or CISA KEV data was provided.

Buffer Overflow Geowebplayer
NVD
EPSS 0% CVSS 8.3
HIGH This Week

Out-of-bounds array access in GeoVision's GeoWebPlayer add-on (also branded 'Web Plugin' for GV-VMS and 'WS Player' for VMS-Cloud) lets an attacker abuse the 'byPass' WebSocket command by supplying an unchecked 'index' value, corrupting memory to achieve high-impact compromise (CVSS 8.3). The bundled component runs a local WebSocket server for GeoVision web interfaces (GV-VMS, GV-Cloud); because the server is reachable from a victim's browser, a malicious web page can drive the flaw with only user interaction and no authentication. No public exploit identified at time of analysis, though a Talos vulnerability report (TALOS-2026-2373) documents the issue.

Authentication Bypass Geowebplayer
NVD
EPSS 0% CVSS 8.3
HIGH This Week

Out-of-bounds array indexing in GeoVision's GeoWebPlayer addon (also branded 'Web Plugin' in GV-VMS and 'WS Player' in VMS-Cloud) allows a remote attacker to leak memory or crash the local WebSocket service by delivering a malformed 'pause' command. The addon runs a WebSocket server that backs the browser interfaces of GeoVision products such as GV-VMS and GV-Cloud, so any browser tricked into connecting to it can trigger the flaw. No public exploit identified at time of analysis; the issue was reported by the vendor (GeoVision) and documented by Cisco Talos (TALOS-2026-2373).

Information Disclosure Geowebplayer
NVD
EPSS 0% CVSS 8.3
HIGH This Week

Out-of-bounds array access in GeoVision GeoWebPlayer (a.k.a. "Web Plugin"/"WS Player"), a websocket-server addon bundled with GV-VMS, GV-Cloud and related GeoVision software, lets an attacker who lures a victim to a malicious web page reach the localhost websocket and supply an unvalidated `index` to leak memory and corrupt state (CWE-129). The play command in particular accepts an attacker-controlled index used to index internal arrays without a range check, enabling information disclosure and potential code-path corruption. No public exploit identified at time of analysis and the issue is not in CISA KEV, but the vendor has published a security advisory and Talos has released a detailed report.

Information Disclosure Geowebplayer
NVD
EPSS 0% CVSS 8.3
HIGH This Week

Out-of-bounds array access in GeoVision's GeoWebPlayer (a.k.a. 'Web Plugin' / 'WS Player') addon lets an attacker read memory, corrupt state, or crash the local WebSocket helper bundled with GV-VMS, GV-Cloud, and related surveillance software. The plugin's localhost WebSocket server processes commands (such as 'disconnect') that carry an attacker-controlled 'index' used to dereference internal arrays without bounds checking (CWE-129), yielding high confidentiality, integrity, and availability impact. The CVSS 3.1 vector (AV:N/UI:R/S:C) reflects a cross-origin browser-driven vector where a victim lured to a malicious page has their browser relay commands to the local WebSocket; there is no public exploit identified at time of analysis and no CISA KEV listing.

Information Disclosure Geowebplayer
NVD
EPSS 0% CVSS 8.3
HIGH This Week

Out-of-bounds array access in GeoVision's GeoWebPlayer addon (also branded 'Web Plugin' in GV-VMS and 'WS Player' in VMS-Cloud) can lead to remote code execution when the addon's localhost WebSocket server processes a saveVideo command with an attacker-controlled index. Because the addon ships with widely-used GeoVision products (GV-VMS, GV-Cloud) and is reachable from a victim's browser via a malicious web page, a lured user visiting attacker-controlled content can trigger an out-of-bounds function-pointer call. This is a Talos-reported (TALOS-2026-2373) issue with no public exploit identified at time of analysis and is not listed in CISA KEV.

RCE Geowebplayer
NVD
EPSS 0% CVSS 8.3
HIGH This Week

Out-of-bounds array access in GeoVision's GeoWebPlayer (the 'Web Plugin'/'WS Player' addon bundled with GV-VMS, GV-Cloud and related software) lets an attacker abuse the local WebSocket server's snapshot command by supplying an unchecked 'index' value that indexes arrays beyond their bounds. Because the CVSS vector is AV:N/UI:R with a scope change, a victim who visits a malicious web page can have their browser drive the localhost WebSocket into out-of-bounds reads/writes, yielding information disclosure and potential memory corruption (C:H/I:H/A:H). There is no public exploit identified at time of analysis, and it is not listed in CISA KEV.

Information Disclosure Geowebplayer
NVD
EPSS 0% CVSS 8.3
HIGH This Week

Out-of-bounds array access in GeoVision's GeoWebPlayer addon (also branded 'Web Plugin' in GV-VMS and 'WS Player' for VMS-Cloud) lets an attacker corrupt memory or leak sensitive data by sending a 2wayAudio WebSocket command with an unchecked index value. The addon runs a localhost WebSocket server that expands GeoVision web interfaces, and its command handlers use caller-supplied index values to index internal arrays without validating their range. Reported by GeoVision and Talos (TALOS-2026-2373); no public exploit identified at time of analysis, and it is not listed in CISA KEV.

Information Disclosure Geowebplayer
NVD
EPSS 0% CVSS 8.3
HIGH This Week

Memory-disclosure and denial-of-service in GeoVision's GeoWebPlayer (also branded 'Web Plugin' in GV-VMS and 'WS Player' in VMS-Cloud) stems from an unvalidated `index` parameter in its localhost WebSocket command handler (audio command path), letting an attacker read and act on out-of-bounds array elements. Because the WebSocket listener is reachable cross-origin, a victim who is lured to a malicious web page can have their browser drive the local service, so the effective attack vector is network-based despite the server binding to localhost. No public exploit code is identified at time of analysis, though a Cisco Talos advisory (TALOS-2026-2373) documents the flaw; it is not listed in CISA KEV.

Information Disclosure Geowebplayer
NVD
EPSS 0% CVSS 8.3
HIGH This Week

Out-of-bounds array access in GeoVision's GeoWebPlayer (also branded 'Web Plugin' in GV-VMS and 'WS Player' in VMS-Cloud) lets an attacker corrupt or read process memory by sending crafted WebSocket commands to the localhost server the addon exposes. The specific 'setPIP' command accepts an attacker-controlled 'index' that is used to index internal arrays without range validation, yielding information disclosure and potential memory corruption. There is no public exploit identified at time of analysis, though a Cisco Talos technical report (TALOS-2026-2373) documents the flaw; it is not listed in CISA KEV and no EPSS score is provided.

Information Disclosure Geowebplayer
NVD
EPSS 0% CVSS 8.3
HIGH This Week

Out-of-bounds array access in GeoVision's GeoWebPlayer (also branded 'Web Plugin' in GV-VMS and 'WS Player' in VMS-Cloud) lets an attacker abuse the addon's localhost WebSocket server via a crafted 'setStream' command whose attacker-controlled 'index' is used to index arrays without range validation (CWE-129), enabling memory disclosure and possible corruption. Because a victim's browser can be steered into connecting to the local WebSocket service, the vendor rates this AV:N/UI:R (CVSS 8.3) - a remote web page can pivot to the local service after the user visits it. No public exploit is identified at time of analysis and it is not in CISA KEV, so this is not confirmed as actively exploited.

Information Disclosure Geowebplayer
NVD
EPSS 0% CVSS 8.3
HIGH This Week

Out-of-bounds array access in GeoVision GeoWebPlayer (the "Web Plugin"/"WS Player" addon bundled with GV-VMS, GV-Cloud and related software) lets a remote attacker corrupt memory via the local WebSocket server's connectInfo command. Because the server trusts an attacker-supplied index without range validation, a victim lured to a malicious web page can trigger high-impact confidentiality, integrity and availability effects (CVSS 8.3, scope-changed). No public exploit identified at time of analysis; the flaw was reported by the vendor (GV) and documented by Cisco Talos.

Information Disclosure Geowebplayer
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Missing authentication in GeoVision's GeoWebPlayer addon (also branded 'Web Plugin' in GV-VMS and 'WS Player' in VMS-Cloud) lets any web page reach a locally-bound, unauthenticated WebSocket server and invoke sensitive APIs. By chaining the `create` method with `getScreenCapture`, a remote attacker who lures a victim to a malicious site can silently exfiltrate the contents of the user's screen. No public exploit identified at time of analysis, and the flaw is not on the CISA KEV list; CVSS is 8.8 driven by network reach and a scope change into the browsing user's data.

Authentication Bypass Geowebplayer
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy