Description

Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device.

INFO

Published Date :

2024-06-17T05:48:42.779Z

Last Modified :

2025-10-21T22:56:21.904Z

Source :

twcert
AFFECTED PRODUCTS

The following products are affected by CVE-2024-6047 vulnerability.

Vendors Products
Geovision
  • Gv-bx130
  • Gv-bx130 Firmware
  • Gv-bx1500
  • Gv-bx1500 Firmware
  • Gv-cb220
  • Gv-cb220 Firmware
  • Gv-dsp Lpr
  • Gv-dsp Lpr Firmware
  • Gv-dsp Lpr V2
  • Gv-ebl1100
  • Gv-ebl1100 Firmware
  • Gv-efd1100
  • Gv-efd1100 Firmware
  • Gv-fd2410
  • Gv-fd2410 Firmware
  • Gv-fd3400
  • Gv-fd3400 Firmware
  • Gv-fd3401
  • Gv-fe3401
  • Gv-fe3401 Firmware
  • Gv-fe420
  • Gv-fe420 Firmware
  • Gv-gm8186 Vs14
  • Gv-gm8186 Vs14 Firmware
  • Gv-lx 4 V2
  • Gv-lx 4 V3
  • Gv-vs03
  • Gv-vs03 Firmware
  • Gv-vs04a
  • Gv-vs04a Firmware
  • Gv-vs04h
  • Gv-vs04h Firmware
  • Gv-vs14
  • Gv-vs14 Firmware
  • Gv-vs21600
  • Gv-vs21600 Firmware
  • Gv-vs216xx
  • Gv-vs2410
  • Gv-vs2410 Firmware
  • Gv-vs2800
  • Gv-vs2800 Firmware
  • Gv-vs2820
  • Gv-vs2820 Firmware
  • Gv-vs28xx
  • Gvlx 4
  • Gvlx 4 Firmware
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-6047.

URL Resource
https://www.akamai.com/blog/security-research/active-exploitation-mirai-geovision-iot-botnet cve-icon cve-icon
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-6047 cve-icon cve-icon
https://www.twcert.org.tw/en/cp-139-7884-c5a8b-2.html cve-icon cve-icon
https://www.twcert.org.tw/tw/cp-132-7883-f5635-1.html cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact