EOL GeoVision Devices Vulnerable to OS Command Injection Attacks

CVE-2024-11120

9.8CRITICAL

Key Information

Vendor: Geovision
Status: Gv-vs12; Gv-vs11; Gv-dsp Lpr V3; Gvlx 4 V2
Vendor: CVE Published:; 15 November 2024

Badges

👾 Exploit Exists🔴 Public PoC📰 News Worthy

Summary

Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Moreover, this vulnerability has already been exploited by attackers, and we have received related reports.

Affected Version(s)

GV-VS12 = 0

GV-VS11 = 0

GV-DSP_LPR_V3 = 0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-11120
Created by FoKiiin

News Articles

BleepingComputer

CVE-2024-11120

Botnet exploits GeoVision zero-day to install Mirai malware

A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks.

6 days ago

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

First article discovered by BleepingComputer
Nov 15, 2024
👾
Exploit exists.
Nov 15, 2024
Vulnerability published.
Nov 15, 2024
Vulnerability Reserved.
Nov 12, 2024

Collectors

NVD DatabaseMitre Database1 Proof of Concept(s)1 News Article(s)