CVE-2026-7841

GV-ASWeb Remote Code Execution (RCE) vulnerability

Description

A remote code execution vulnerability exists in Notification Settings on GeoVision GV-ASWeb 6.2.0. An authenticated user with System Setting permissions can execute arbitrary commands on the server by sending a crafted HTTP POST request to the ASWebCommon.srf backend endpoint to bypass the frontend restrictions.

INFO

Published Date :

2026-05-06T06:47:53.765Z

Last Modified :

2026-05-07T01:13:11.587Z

Source :

GV

AFFECTED PRODUCTS

The following products are affected by CVE-2026-7841 vulnerability.

Vendors	Products
Geovision	Gv-asmanager
Geovision Inc.	Asmanager

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-7841.

URL	Resource
https://www.geovision.com.tw/cyber_security.php

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact