CVE Catalog

CVE-2026-42370

CriticalCVSS 9.0
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.53%

41th percentile — higher than 41% of all known CVEs

Summary

A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to arbitrary code execution.

Risk Assessment

An attacker can make an unauthenticated HTTP request, potentially resulting in remote code execution and system compromise.

Recommendation

It is recommended to update the software to the latest version and implement appropriate security measures to restrict access to the login functionality.

Original NVD description (English source)

A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS