Gv I O Box 4E
Monthly
Remote OS command injection in GeoVision GV-I/O Box 4E firmware 2.09 allows attackers with high privileges to execute arbitrary shell commands by sending crafted network packets to the DVRSearch service or Network.cgi endpoint. The flaw lives in libNetSetObj.so where DNS configuration values are concatenated into a shell command string and passed to system() without sanitization. No public exploit identified at time of analysis, but the vendor advisory and a Talos vulnerability report are published.
OS command injection in GeoVision GV-I/O Box 4E firmware 2.09 allows authenticated remote attackers to execute arbitrary shell commands via unsanitized gateway address input passed to system() inside libNetSetObj.so. The flaw is reachable through both the network-exposed DVRSearch service and the Network.cgi endpoint, granting full device compromise. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
OS command injection in GeoVision GV-I/O Box 4E firmware 2.09 allows attackers who can reach the device's network services to execute arbitrary shell commands via unsanitised netmask input passed to system() inside libNetSetObj.so. The flawed CNetSetObj::m_F_n_Set_Net_Mask routine is reachable through both the network-exposed DVRSearch service and the Network.cgi endpoint, yielding code execution in the context of the configuration daemon. No public exploit identified at time of analysis, but the Talos report provides full reverse-engineered detail that materially lowers the barrier to weaponisation.
OS command injection in GeoVision GV-I/O Box 4E firmware 2.09 allows remote attackers with high privileges to execute arbitrary shell commands by sending crafted network packets to the libNetSetObj.so library via the DVRSearch service or Network.cgi endpoint. The flaw stems from unsanitized attacker-controlled IP address input passed directly to system() in CNetSetObj::m_F_n_Set_IP_Addr. No public exploit identified at time of analysis, though Talos Intelligence disclosed the issue with technical detail (TALOS-2026-2379).
Remote unauthenticated stack-based buffer overflow in GeoVision GV-I/O Box 4E smart I/O appliances allows any host on the same network to corrupt memory in the DVRSearch service (UDP/10001) by sending a crafted message that triggers an unbounded memcpy of the device's configured DNS address into a fixed-size stack buffer. The flaw is rated CVSS 10.0 with scope change and full CIA impact, and no public exploit has been identified at time of analysis. Successful exploitation can fully compromise the embedded controller used for relay/I/O automation.
Stack-based buffer overflow in the GeoVision GV-I/O Box 4E DVRSearch service allows unauthenticated network attackers to corrupt memory by sending a crafted UDP datagram to port 10001. The flaw stems from an unchecked memcpy of the device's configured gateway field into a fixed-offset reply buffer, enabling code execution on the embedded device with no public exploit identified at time of analysis.
Stack-based buffer overflow in GeoVision GV-I/O Box 4E allows unauthenticated remote attackers to overflow a fixed-size stack buffer by sending a crafted UDP packet to the DVRSearch service on port 10001. The flaw, tracked as CWE-121 with a maximum CVSS 10.0 score and scope change, can be triggered by any host able to reach the device on the network, with no public exploit identified at time of analysis.
Stack-based buffer overflow in GeoVision GV-I/O Box 4E embedded I/O controllers allows unauthenticated network attackers to corrupt memory via the DVRSearch service on UDP port 10001. The vulnerable code path uses memcpy with an attacker-influenced length derived from a stored IP address into a fixed-size stack buffer, yielding potential remote code execution at CVSS 10.0 with scope change. No public exploit identified at time of analysis, though Talos has published a vulnerability report (TALOS-2026-2377).
Remote OS command injection in GeoVision GV-I/O Box 4E firmware 2.09 allows attackers with high privileges to execute arbitrary shell commands by sending crafted network packets to the DVRSearch service or Network.cgi endpoint. The flaw lives in libNetSetObj.so where DNS configuration values are concatenated into a shell command string and passed to system() without sanitization. No public exploit identified at time of analysis, but the vendor advisory and a Talos vulnerability report are published.
OS command injection in GeoVision GV-I/O Box 4E firmware 2.09 allows authenticated remote attackers to execute arbitrary shell commands via unsanitized gateway address input passed to system() inside libNetSetObj.so. The flaw is reachable through both the network-exposed DVRSearch service and the Network.cgi endpoint, granting full device compromise. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
OS command injection in GeoVision GV-I/O Box 4E firmware 2.09 allows attackers who can reach the device's network services to execute arbitrary shell commands via unsanitised netmask input passed to system() inside libNetSetObj.so. The flawed CNetSetObj::m_F_n_Set_Net_Mask routine is reachable through both the network-exposed DVRSearch service and the Network.cgi endpoint, yielding code execution in the context of the configuration daemon. No public exploit identified at time of analysis, but the Talos report provides full reverse-engineered detail that materially lowers the barrier to weaponisation.
OS command injection in GeoVision GV-I/O Box 4E firmware 2.09 allows remote attackers with high privileges to execute arbitrary shell commands by sending crafted network packets to the libNetSetObj.so library via the DVRSearch service or Network.cgi endpoint. The flaw stems from unsanitized attacker-controlled IP address input passed directly to system() in CNetSetObj::m_F_n_Set_IP_Addr. No public exploit identified at time of analysis, though Talos Intelligence disclosed the issue with technical detail (TALOS-2026-2379).
Remote unauthenticated stack-based buffer overflow in GeoVision GV-I/O Box 4E smart I/O appliances allows any host on the same network to corrupt memory in the DVRSearch service (UDP/10001) by sending a crafted message that triggers an unbounded memcpy of the device's configured DNS address into a fixed-size stack buffer. The flaw is rated CVSS 10.0 with scope change and full CIA impact, and no public exploit has been identified at time of analysis. Successful exploitation can fully compromise the embedded controller used for relay/I/O automation.
Stack-based buffer overflow in the GeoVision GV-I/O Box 4E DVRSearch service allows unauthenticated network attackers to corrupt memory by sending a crafted UDP datagram to port 10001. The flaw stems from an unchecked memcpy of the device's configured gateway field into a fixed-offset reply buffer, enabling code execution on the embedded device with no public exploit identified at time of analysis.
Stack-based buffer overflow in GeoVision GV-I/O Box 4E allows unauthenticated remote attackers to overflow a fixed-size stack buffer by sending a crafted UDP packet to the DVRSearch service on port 10001. The flaw, tracked as CWE-121 with a maximum CVSS 10.0 score and scope change, can be triggered by any host able to reach the device on the network, with no public exploit identified at time of analysis.
Stack-based buffer overflow in GeoVision GV-I/O Box 4E embedded I/O controllers allows unauthenticated network attackers to corrupt memory via the DVRSearch service on UDP port 10001. The vulnerable code path uses memcpy with an attacker-influenced length derived from a stored IP address into a fixed-size stack buffer, yielding potential remote code execution at CVSS 10.0 with scope change. No public exploit identified at time of analysis, though Talos has published a vulnerability report (TALOS-2026-2377).