cbcvebase.
CVE-2026-57872
published 2026-06-26

CVE-2026-57872: An unauthenticated directory traversal vulnerability exists in get_fcont.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is…

PriorityP354high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
0.97%
57.4th percentile
An unauthenticated directory traversal vulnerability exists in get_fcont.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient validation of user-supplied file path input before the requested file is accessed by the CGI component. A remote attacker may exploit this vulnerability by sending a crafted request to read arbitrary files accessible to the affected process, resulting in information disclosure.

Affected

1 ranges
VendorProductVersion rangeFixed in
geovision_incgv-lpclpc2011_2211
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.