top of page
perceptive_background_267k.jpg

An os command injection vulnerability exists in the DdnsSetting.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted DDNS configuration can …

Published:

3 May 2026 at 22:00:00

Alert date:

4 May 2026 at 02:02:31

Source:

nvd.nist.gov

Click to open the original link from this advisory

Mobile & IoT, Network Infrastructure

A command injection vulnerability exists in the DdnsSetting.cgi functionality of GeoVision LPC2011/LPC2211 version 1.10. The vulnerability allows attackers to execute arbitrary commands by crafting malicious DDNS configuration values. This affects the DDNS (Dynamic DNS) settings component of the affected GeoVision devices. Successful exploitation requires an attacker to modify configuration values to trigger the command injection. The vulnerability enables arbitrary command execution on the affected systems.

Technical details

Mitigation steps:

Affected products:

GeoVision LPC2011
GeoVision LPC2211

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-42364
https://talosintelligence.com/vulnerability_reports/
https://www.geovision.com.tw/cyber_security.php

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page