Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device.
References
| Link | Resource |
|---|---|
| https://www.twcert.org.tw/en/cp-139-7884-c5a8b-2.html | Third Party Advisory |
| https://www.twcert.org.tw/tw/cp-132-7883-f5635-1.html | Third Party Advisory |
| https://www.twcert.org.tw/en/cp-139-7884-c5a8b-2.html | Third Party Advisory |
| https://www.twcert.org.tw/tw/cp-132-7883-f5635-1.html | Third Party Advisory |
| https://www.akamai.com/blog/security-research/active-exploitation-mirai-geovision-iot-botnet | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
Configuration 9 (hide)
| AND |
|
Configuration 10 (hide)
| AND |
|
Configuration 11 (hide)
| AND |
|
Configuration 12 (hide)
| AND |
|
Configuration 13 (hide)
| AND |
|
Configuration 14 (hide)
| AND |
|
Configuration 15 (hide)
|
Configuration 16 (hide)
| AND |
|
Configuration 17 (hide)
| AND |
|
Configuration 18 (hide)
| AND |
|
Configuration 19 (hide)
| AND |
|
History
09 May 2025, 14:23
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
|
| References | () https://www.twcert.org.tw/en/cp-139-7884-c5a8b-2.html - Third Party Advisory | |
| References | () https://www.twcert.org.tw/tw/cp-132-7883-f5635-1.html - Third Party Advisory | |
| First Time |
Geovision gv Ipcamd Gv Fd3400 Firmware
Geovision gv-vs14 Vs14 Firmware Geovision gv Vs28xx Firmware Geovision gv Gm8186 Vs14 Firmware Geovision gv Ipcamd Gv Fd2410 Firmware Geovision gv Vs216xx Geovision gv Ipcamd Gv Fe3401 Geovision gv Vs03 Geovision gv Gm8186 Vs14 Geovision gv Vs2410 Geovision gv Vs04a Geovision gv Ipcamd Gv Fd2410 Geovision gv-vs14 Vs14 Geovision gv Vs04a Firmware Geovision gv Ipcamd Gv Bx1500 Firmware Geovision Geovision gv Vs03 Firmware Geovision gv Vs2410 Firmware Geovision gv Ipcamd Gv Efd1100 Firmware Geovision gv Vs216xx Firmware Geovision gv-dsp Lpr Geovision gv Vs04h Geovision gv Ipcamd Gv Fd3400 Geovision gv Ipcamd Gv Bx1500 Geovision gv Vs04h Firmware Geovision gv Ipcamd Gv Efd1100 Geovision gvlx 4 Firmware Geovision gv Ipcamd Gv Ebl1100 Firmware Geovision gv Ipcamd Gv Cb220 Geovision gv Ipcamd Gv Fe3401 Firmware Geovision gvlx 4 Geovision gv Ipcamd Gv Bx130 Firmware Geovision gv Ipcamd Gv Fe420 Firmware Geovision gv Ipcamd Gv Ebl1100 Geovision gv-dsp Lpr Firmware Geovision gv Ipcamd Gv Bx130 Geovision gv Ipcamd Gv Fe420 Geovision gv Ipcamd Gv Cb220 Firmware |
|
| CPE | cpe:2.3:o:geovision:gv_vs28xx_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:geovision:gv-dsp_lpr:2.0:*:*:*:*:*:*:* cpe:2.3:o:geovision:gv_ipcamd_gv_efd1100_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:geovision:gv_gm8186_vs14:-:*:*:*:*:*:*:* cpe:2.3:o:geovision:gv_ipcamd_gv_bx1500_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:geovision:gv_vs04h_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:geovision:gv_vs216xx:-:*:*:*:*:*:*:* cpe:2.3:h:geovision:gv_ipcamd_gv_bx1500:-:*:*:*:*:*:*:* cpe:2.3:h:geovision:gv_ipcamd_gv_bx130:-:*:*:*:*:*:*:* cpe:2.3:o:geovision:gv_gm8186_vs14_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:geovision:gv_vs03_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:geovision:gv_vs03:-:*:*:*:*:*:*:* cpe:2.3:h:geovision:gv_vs04h:-:*:*:*:*:*:*:* cpe:2.3:o:geovision:gv_ipcamd_gv_bx130_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:geovision:gv_vs2410_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:geovision:gv_ipcamd_gv_ebl1100:-:*:*:*:*:*:*:* cpe:2.3:o:geovision:gv_ipcamd_gv_fd3400_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:geovision:gv-dsp_lpr_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:geovision:gvlx_4_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:geovision:gv_ipcamd_gv_fe420_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:geovision:gvlx_4:2.0:*:*:*:*:*:*:* cpe:2.3:h:geovision:gv_ipcamd_gv_fe3401:-:*:*:*:*:*:*:* cpe:2.3:h:geovision:gvlx_4:3.0:*:*:*:*:*:*:* cpe:2.3:h:geovision:gv_ipcamd_gv_fd2410:-:*:*:*:*:*:*:* cpe:2.3:h:geovision:gv_vs2410:-:*:*:*:*:*:*:* cpe:2.3:o:geovision:gv_ipcamd_gv_fe3401_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:geovision:gv_ipcamd_gv_fd3400:-:*:*:*:*:*:*:* cpe:2.3:h:geovision:gv_ipcamd_gv_efd1100:-:*:*:*:*:*:*:* cpe:2.3:o:geovision:gv_ipcamd_gv_ebl1100_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:geovision:gv_vs04a_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:geovision:gv_vs04a:-:*:*:*:*:*:*:* cpe:2.3:o:geovision:gv_ipcamd_gv_cb220_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:geovision:gv-vs14_vs14_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:geovision:gv_vs216xx_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:geovision:gv_ipcamd_gv_fd2410_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:geovision:gv-vs14_vs14:-:*:*:*:*:*:*:* cpe:2.3:h:geovision:gv_ipcamd_gv_fe420:-:*:*:*:*:*:*:* cpe:2.3:h:geovision:gv_ipcamd_gv_cb220:-:*:*:*:*:*:*:* |
Information
Published : 2024-06-17 06:15
Updated : 2025-05-09 14:23
NVD link : CVE-2024-6047
Mitre link : CVE-2024-6047
CVE.ORG link : CVE-2024-6047
JSON object : View
Products Affected
geovision
- gv_ipcamd_gv_fd3400
- gv_vs04a_firmware
- gv_vs04h
- gv-dsp_lpr_firmware
- gv_vs28xx_firmware
- gv_vs216xx
- gv_ipcamd_gv_bx1500_firmware
- gv_ipcamd_gv_fd3400_firmware
- gv_ipcamd_gv_bx1500
- gv_ipcamd_gv_fe420
- gv_ipcamd_gv_ebl1100_firmware
- gv_vs04h_firmware
- gv_ipcamd_gv_fd2410
- gvlx_4
- gv_ipcamd_gv_fe420_firmware
- gv-dsp_lpr
- gv_ipcamd_gv_bx130_firmware
- gv-vs14_vs14
- gv_vs2410
- gv_vs04a
- gv_ipcamd_gv_ebl1100
- gv_ipcamd_gv_fe3401
- gv_ipcamd_gv_cb220
- gv_ipcamd_gv_efd1100
- gv_vs2410_firmware
- gv-vs14_vs14_firmware
- gv_ipcamd_gv_bx130
- gv_vs03
- gv_gm8186_vs14
- gv_gm8186_vs14_firmware
- gvlx_4_firmware
- gv_ipcamd_gv_fd2410_firmware
- gv_vs03_firmware
- gv_ipcamd_gv_efd1100_firmware
- gv_ipcamd_gv_cb220_firmware
- gv_vs216xx_firmware
- gv_ipcamd_gv_fe3401_firmware
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')