CVE-2025-26264 Information

Description

GeoVision GV-ASWeb with the version 6.1.2.0 or less contains a Remote Code Execution (RCE) vulnerability within its Notification Settings feature. An authenticated attacker with \System Settings\ privileges in ASWeb can exploit this flaw to execute arbitrary commands on the server leading to a full system compromise.

Reference

https://github.com/DRAGOWN/CVE-2025-26264 https://github.com/DRAGOWN/CVE-2025-26264