CVE-2026-42370
CriticalCVSS 9.0Exploitation Probability (EPSS)
Low risk41th percentile — higher than 41% of all known CVEs
Summary
A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to arbitrary code execution.
Risk Assessment
An attacker can make an unauthenticated HTTP request, potentially resulting in remote code execution and system compromise.
Recommendation
It is recommended to update the software to the latest version and implement appropriate security measures to restrict access to the login functionality.
Original NVD description (English source)
A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.

