Geovision Inc Gv-Lpclpc2011 2211 vulnerabilities
10 known vulnerabilities affecting geovision_inc/gv-lpclpc2011_2211.
Total CVEs
10
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH6
Vulnerabilities
Page 1 of 1
CVE-2026-57878P2CRITICALCVSS 9.8v1.122026-06-26
CVE-2026-57878 [CRITICAL] CWE-121 CVE-2026-57878: An unauthenticated stack-based buffer overflow vulnerability exists in thttpd in GeoVision GV-LPC201
An unauthenticated
stack-based buffer overflow vulnerability exists in thttpd in GeoVision
GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by
insufficient bounds checking when processing web request parameters in a
specific request path. A remote attacker may exploit this vulnerability by
sending a crafted HTTP request wit
nvd
CVE-2026-57879P2CRITICALCVSS 9.8v1.122026-06-26
CVE-2026-57879 [CRITICAL] CWE-121 CVE-2026-57879: An unauthenticated stack-based buffer overflow vulnerability exists in ssvr in GeoVision GV-LPC2011
An unauthenticated
stack-based buffer overflow vulnerability exists in ssvr in GeoVision
GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by
insufficient bounds checking when processing RTSP custom authentication data. A
remote attacker may exploit this vulnerability by sending a crafted RTSP
request, resulting in memory cor
nvd
CVE-2026-57880P2CRITICALCVSS 9.8v1.122026-06-26
CVE-2026-57880 [CRITICAL] CWE-121 CVE-2026-57880: An unauthenticated stack-based buffer overflow vulnerability exists in ssvr in GeoVision GV-LPC2011
An unauthenticated
stack-based buffer overflow vulnerability exists in ssvr in GeoVision
GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by
insufficient bounds checking when parsing RTSP Digest authentication fields. A
remote attacker may exploit this vulnerability by sending a crafted RTSP
request containing overly long au
nvd
CVE-2026-57881P3CRITICALCVSS 9.8v1.122026-06-26
CVE-2026-57881 [CRITICAL] CWE-121 CVE-2026-57881: An unauthenticated stack-based buffer overflow vulnerability exists in vlsvr in GeoVision GV-LPC2011
An unauthenticated
stack-based buffer overflow vulnerability exists in vlsvr in GeoVision
GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by
insufficient length validation when processing remote login data. A remote
attacker may exploit this vulnerability by sending crafted login data with
overly long input, resulting in m
nvd
CVE-2026-57872P3HIGHCVSS 7.5v1.122026-06-26
CVE-2026-57872 [HIGH] CWE-22 CVE-2026-57872: An unauthenticated directory traversal vulnerability exists in get_fcont.cgi in GeoVision GV-LPC2011
An unauthenticated
directory traversal vulnerability exists in get_fcont.cgi in GeoVision
GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by
insufficient validation of user-supplied file path input before the requested
file is accessed by the CGI component. A remote attacker may exploit this
vulnerability by sending a crafted r
nvd
CVE-2026-57877P3HIGHCVSS 8.6v1.122026-06-26
CVE-2026-57877 [HIGH] CWE-134 CVE-2026-57877: An unauthenticated format string vulnerability exists in vlsvr in GeoVision GV-LPC2011 and GV-LPC221
An unauthenticated
format string vulnerability exists in vlsvr in GeoVision GV-LPC2011 and
GV-LPC2211 V1.12 and earlier. The vulnerability is caused by improper handling
of externally controlled input during log message formatting in the login
processing path. A remote attacker may exploit this vulnerability by sending
crafted login data, potentially
nvd
CVE-2026-57875P3HIGHCVSS 7.5v1.122026-06-26
CVE-2026-57875 [HIGH] CWE-476 CVE-2026-57875: An unauthenticated NULL pointer dereference vulnerability exists in the HTTP request parsing logic o
An unauthenticated
NULL pointer dereference vulnerability exists in the HTTP request parsing logic
of multiple CGI components in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and
earlier. The vulnerability is caused by improper validation of required HTTP
request metadata before it is used by the affected components. A remote attacker
may exploit this vul
nvd
CVE-2026-57876P3HIGHCVSS 7.5v1.122026-06-26
CVE-2026-57876 [HIGH] CWE-787 CVE-2026-57876: An unauthenticated out-of-bounds write vulnerability exists in onvif.cgi in GeoVision GV-LPC2011 and
An unauthenticated
out-of-bounds write vulnerability exists in onvif.cgi in GeoVision GV-LPC2011
and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient
bounds checking when processing HTTP request body data. A remote attacker may
exploit this vulnerability by sending a crafted request with excessive input,
causing memory corrupt
nvd
CVE-2026-57873P3HIGHCVSS 7.5v1.122026-06-26
CVE-2026-57873 [HIGH] CWE-476 CVE-2026-57873: An unauthenticated NULL pointer dereference vulnerability exists in IEEE8021x_upload.cgi in GeoVisio
An unauthenticated
NULL pointer dereference vulnerability exists in IEEE8021x_upload.cgi in GeoVision
GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by
improper validation of multipart upload headers when processing
certificate-related upload fields. A remote attacker may exploit this
vulnerability by sending a malformed mult
nvd
CVE-2026-57874P3HIGHCVSS 7.5v1.122026-06-26
CVE-2026-57874 [HIGH] CWE-120 CVE-2026-57874: An unauthenticated buffer overflow vulnerability exists in IEEE8021x_upload.cgi in GeoVision GV-LPC2
An unauthenticated
buffer overflow vulnerability exists in IEEE8021x_upload.cgi in GeoVision
GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by
insufficient bounds checking when parsing filename values in multipart upload
data. A remote attacker may exploit this vulnerability by sending a crafted
upload request with overly lon
nvd