CVE-2018-25118P1CRITICALCVSS 10.0Exploitedfixed in November/December 2017 firmware2025-10-20
CVE-2018-25118 [CRITICAL] CWE-78 CVE-2018-25118: GeoVision embedded IP devices, confirmed on GV-BX1500 and GV-MFD1501, contain a remote command injec
GeoVision embedded IP devices, confirmed on GV-BX1500 and GV-MFD1501, contain a remote command injection vulnerability via /PictureCatch.cgi that enables an attacker to execute arbitrary commands on the device. The vulnerable models have been declared end-of-life (EOL) by the vendor. VulnCheck has observed this vulnerability being exploited in the
nvd