Gv Vms V20 0 2
Monthly
Remote code execution in GeoVision GV-VMS V20 (version 20.0.2) allows unauthenticated attackers to corrupt stack memory via a crafted HTTP request to the WebCam Server Login functionality, leading to arbitrary code execution on the video management system. The flaw is a CWE-787 out-of-bounds write (stack buffer overflow) carrying a CVSS 9.8 score, and no public exploit identified at time of analysis, though Talos has published a vulnerability report (TALOS-2026-2369). EPSS is currently low at 0.12%, but the unauthenticated network attack surface on a video surveillance product makes this a high-priority patching target.
Remote code execution in GeoVision GV-VMS V20 20.0.2 allows unauthenticated attackers to execute arbitrary code as SYSTEM via stack overflow in WebCam Server Login functionality. A specially crafted HTTP request with oversized username or password fields (exceeding 40 characters) triggers unconstrained sscanf buffer handling. CVSS 9.0 with high attack complexity reflects exploitation constraints (no null bytes allowed in payload), though network vector and lack of authentication requirements present significant risk. No active exploitation confirmed (not in CISA KEV); EPSS data unavailable for final risk assessment.
Remote unauthenticated code execution in GeoVision GV-VMS V20 WebCam Server allows attackers to execute arbitrary code as SYSTEM via stack buffer overflow. The `gvapi` endpoint bypasses standard authentication and copies base64-decoded HTTP Authorization headers into a 256-byte stack buffer without bounds checking, enabling full stack control. The WebCam Server binary is compiled without ASLR, significantly lowering exploitation complexity. CVSS 10.0 with network vector, no prerequisites, and changed scope reflecting system-level compromise. Publicly disclosed by Cisco Talos and vendor advisory available from GeoVision.
Remote code execution in GeoVision GV-VMS V20 (version 20.0.2) allows unauthenticated attackers to corrupt stack memory via a crafted HTTP request to the WebCam Server Login functionality, leading to arbitrary code execution on the video management system. The flaw is a CWE-787 out-of-bounds write (stack buffer overflow) carrying a CVSS 9.8 score, and no public exploit identified at time of analysis, though Talos has published a vulnerability report (TALOS-2026-2369). EPSS is currently low at 0.12%, but the unauthenticated network attack surface on a video surveillance product makes this a high-priority patching target.
Remote code execution in GeoVision GV-VMS V20 20.0.2 allows unauthenticated attackers to execute arbitrary code as SYSTEM via stack overflow in WebCam Server Login functionality. A specially crafted HTTP request with oversized username or password fields (exceeding 40 characters) triggers unconstrained sscanf buffer handling. CVSS 9.0 with high attack complexity reflects exploitation constraints (no null bytes allowed in payload), though network vector and lack of authentication requirements present significant risk. No active exploitation confirmed (not in CISA KEV); EPSS data unavailable for final risk assessment.
Remote unauthenticated code execution in GeoVision GV-VMS V20 WebCam Server allows attackers to execute arbitrary code as SYSTEM via stack buffer overflow. The `gvapi` endpoint bypasses standard authentication and copies base64-decoded HTTP Authorization headers into a 256-byte stack buffer without bounds checking, enabling full stack control. The WebCam Server binary is compiled without ASLR, significantly lowering exploitation complexity. CVSS 10.0 with network vector, no prerequisites, and changed scope reflecting system-level compromise. Publicly disclosed by Cisco Talos and vendor advisory available from GeoVision.