CNNVD-202510-2568 Information
CNNVD ID
CNNVD-202510-2568
Related CVE
- CNNVD Published: 2025-10-20
Description (Chinese)
GeoVision GV-BX1500和GeoVision GV-MFD1501都是中国奇偶(GeoVision)公司的一系列室内IP摄影机。 GeoVision GV-BX1500和GeoVision GV-MFD1501存在安全漏洞,该漏洞源于/PictureCatch.cgi存在远程命令注入,可能导致执行任意代码。
Description (English)
GeoVision GV-BX1500 and GeoVision GV-MFD1501 are both a series of indoor IP cameras of GeoVision. There is a security loophole in GeoVision GV-BX1500 and GeoVision GV-MFD1501, which originates from the remote command injection of /PictureCattch.cgi, which may result in the enforcement of any code.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
奇偶
Published
2025-10-20
Last Modified
2026-02-24
References
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-249a https://www.geovision.com.tw/blog/?cat=14 https://www.vulncheck.com/advisories/geovision-command-injection-rce-picture-catch-cgi https://github.com/mcw0/PoC/blob/fb06efe05b7e240dc88ff31eb30e1ef345509dce/Geovision-PoC.py#L15 https://www.exploit-db.com/exploits/43982 https://access.redhat.com/security/cve/cve-2018-25118
Share on: