Stack-based Buffer Overflow in GeoVision GV-LPC2011 and GV-LPC2211
CVE-2026-57880

9.8CRITICAL

Key Information:

Vendor: Geovision Inc.
Status: Gv-lpclpc2011/2211
Vendor: CVE Published:; 26 June 2026

🔔 Create Geovision Inc. Vulnerability Alert

What is CVE-2026-57880?

An unauthenticated stack-based buffer overflow vulnerability exists in the ssvr component of GeoVision's GV-LPC2011 and GV-LPC2211 products. This vulnerability arises due to inadequate bounds checking when handling RTSP Digest authentication fields. A remote attacker could exploit this issue by sending a specially crafted RTSP request that includes overly lengthy authentication data. This can lead to memory corruption and denial of service, and poses risks of arbitrary code execution.

Affected Version(s)

GV-LPCLPC2011/2211 Linux 1.12

GV-LPCLPC2011/2211 Linux 1.13

References

https://www.geovision.com.tw/cyber_security.php

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 26, 2026
Vulnerability Reserved
Jun 26, 2026

Credit

Jincheng Wang (@winmt), Professor Le Yu of Nanjing University of Posts and Telecommunications, and Professor Xiapu Luo of The Hong Kong Polytechnic University has reported:

CVE-2026-57880 Data

JSON