CVE-2024-6047: GeoVision EOL device - OS Command Injection
First published: Mon Jun 17 2024(Updated: )
Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device.
Credit: twcert@cert.org.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| GeoVision Multiple Devices | ||
| GeoVision Multiple Devices | ||
| All of | ||
| Geovision Gv-dsp Lpr Firmware | ||
| Geovision Gv-dsp Lpr Firmware | =2.0 | |
| All of | ||
| Geovision Gv Ipcamd Gv Bx130 Firmware | ||
| Geovision Gv Ipcamd Gv Bx130 Firmware | ||
| All of | ||
| Geovision Gv Ipcamd Gv Bx1500 | ||
| Geovision Gv Ipcamd Gv Bx1500 Firmware | ||
| All of | ||
| Geovision GV-IPCAMD GV-CB220 Firmware | ||
| Geovision GV-IPCAMD GV-CB220 Firmware | ||
| All of | ||
| Geovision Gv Ebl1100 | ||
| Geovision Gv Ebl1100 | ||
| All of | ||
| Geovision Gv Ipcamd Gv Efd1100 Firmware | ||
| Geovision Gv Ipcamd Gv Efd1100 | ||
| All of | ||
| Geovision GV-IPCAMD GV-FD2410 Firmware | ||
| Geovision GV-IPCAMD GV-FD2410 Firmware | ||
| All of | ||
| Geovision Gv Ipcamd Gv Fd3400 | ||
| Geovision Gv Ipcamd Gv Fd3400 Firmware | ||
| All of | ||
| Geovision Gv Ipcamd Gv Fe3401 Firmware | ||
| Geovision Gv Ipcamd Gv Fe3401 | ||
| All of | ||
| Geovision Gv Ipcamd Gv Fe420 Firmware | ||
| Geovision Gv Ipcamd Gv Fe420 Firmware | ||
| All of | ||
| Geovision Gv Gm8186 Vs14 | ||
| Geovision Gv Gm8186 Vs14 Firmware | ||
| All of | ||
| Geovision Gv-vs14 Vs14 Firmware | ||
| Geovision Gv Gm8186 Vs14 | ||
| All of | ||
| Geovision Gv VS03 | ||
| Geovision Gv Vs03 Firmware | ||
| All of | ||
| Geovision Gv Vs2410 Firmware | ||
| Geovision Gv Vs2410 Firmware | ||
| Geovision Gv Vs28xx Firmware | ||
| All of | ||
| Geovision Gv Vs216xx Firmware | ||
| Geovision Gv Vs216xx | ||
| All of | ||
| Geovision Gv Vs04a Firmware | ||
| Geovision GV-VS04A | ||
| All of | ||
| Geovision Gv Vs04h | ||
| Geovision Gv Vs04h Firmware | ||
| All of | ||
| Geovision GVLX 4 | ||
| Any of | ||
| Geovision GVLX 4 Firmware | =2.0 | |
| Geovision GVLX 4 Firmware | =3.0 |
Remedy
All affected products are no longer in surport. Please retire or replace them.
Remedy
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.twcert.org.tw/tw/cp-132-7883-f5635-1.html
- https://www.twcert.org.tw/en/cp-139-7884-c5a8b-2.html
- https://www.akamai.com/blog/security-research/active-exploitation-mirai-geovision-iot-botnet
- https://dlcdn.geovision.com.tw/TechNotice/CyberSecurity/Security_Advisory_IP_Device_2024-11.pdf
- https://nvd.nist.gov/vuln/detail/CVE-2024-6047
Frequently Asked Questions
What is the severity of CVE-2024-6047?
CVE-2024-6047 has been classified as a high severity vulnerability due to the potential for unauthenticated remote code execution.
How do I fix CVE-2024-6047?
To mitigate CVE-2024-6047, update your GeoVision EOL device to the latest firmware version that addresses this vulnerability.
Who is affected by CVE-2024-6047?
The CVE-2024-6047 vulnerability affects certain end-of-life (EOL) GeoVision devices that do not properly filter user inputs.
What kind of attacks can be executed using CVE-2024-6047?
CVE-2024-6047 allows unauthenticated remote attackers to inject and execute arbitrary system commands on the affected GeoVision devices.
Is authentication required to exploit CVE-2024-6047?
No, CVE-2024-6047 can be exploited by attackers without authentication, making it particularly dangerous.
- agent/title
- agent/first-publish-date
- agent/type
- agent/severity
- agent/author
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/references
- agent/remedy
- agent/weakness
- agent/event
- collector/nvd-cve
- source/NVD
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/cisa-known-exploited
- source/CISA
- exploited/true
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- vendor/geovision
- canonical/geovision multiple devices
- canonical/geovision gv-dsp lpr firmware
- version/geovision gv-dsp lpr firmware/2.0
- canonical/geovision gv ipcamd gv bx130 firmware
- canonical/geovision gv ipcamd gv bx1500
- canonical/geovision gv ipcamd gv bx1500 firmware
- canonical/geovision gv-ipcamd gv-cb220 firmware
- canonical/geovision gv ebl1100
- canonical/geovision gv ipcamd gv efd1100 firmware
- canonical/geovision gv ipcamd gv efd1100
- canonical/geovision gv-ipcamd gv-fd2410 firmware
- canonical/geovision gv ipcamd gv fd3400
- canonical/geovision gv ipcamd gv fd3400 firmware
- canonical/geovision gv ipcamd gv fe3401 firmware
- canonical/geovision gv ipcamd gv fe3401
- canonical/geovision gv ipcamd gv fe420 firmware
- canonical/geovision gv gm8186 vs14
- canonical/geovision gv gm8186 vs14 firmware
- canonical/geovision gv-vs14 vs14 firmware
- canonical/geovision gv vs03
- canonical/geovision gv vs03 firmware
- canonical/geovision gv vs2410 firmware
- canonical/geovision gv vs28xx firmware
- canonical/geovision gv vs216xx firmware
- canonical/geovision gv vs216xx
- canonical/geovision gv vs04a firmware
- canonical/geovision gv-vs04a
- canonical/geovision gv vs04h
- canonical/geovision gv vs04h firmware
- canonical/geovision gvlx 4
- canonical/geovision gvlx 4 firmware
- version/geovision gvlx 4 firmware/2.0
- version/geovision gvlx 4 firmware/3.0