PatchSiren cyber security CVE debrief
CVE-2026-42364 GeoVision Inc. CVE debrief
A critical os command injection vulnerability exists in the DdnsSetting.cgi functionality of GeoVision LPC2011/LPC2211 1.10. This vulnerability, tracked as CVE-2026-42364, can be exploited by modifying a configuration value, allowing an attacker to execute arbitrary commands. The vulnerability has a CVSS score of 9.9 and is considered critical.
- Vendor
- GeoVision Inc.
- Product
- GV-LPC2011/LPC2211
- CVSS
- CRITICAL 9.9
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-05-04
- Original CVE updated
- 2026-06-15
- Advisory published
- 2026-05-04
- Advisory updated
- 2026-06-15
Who should care
Administrators and users of GeoVision LPC2011/LPC2211 1.10 are advised to take immediate action to mitigate this vulnerability.
Technical summary
The vulnerability exists in the DdnsSetting.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted DDNS configuration can lead to arbitrary command execution. An attacker can modify a configuration value to trigger this vulnerability.
Defensive priority
high
Recommended defensive actions
- Apply patches or updates provided by the vendor (see [ref-5](https://www.geovision.com.tw/cyber_security.php))
- Review and restrict access to the DdnsSetting.cgi functionality
- Monitor for suspicious activity and implement additional security measures as needed
Evidence notes
The vulnerability is confirmed to exist in GeoVision LPC2011/LPC2211 1.10. See [nvd](https://nvd.nist.gov/vuln/detail/CVE-2026-42364) for detailed information.
Official resources
-
CVE-2026-42364 CVE record
CVE.org
-
CVE-2026-42364 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
0df08a0e-a200-4957-9bb0-084f562506f9 - Third Party Advisory
-
Mitigation or vendor reference
0df08a0e-a200-4957-9bb0-084f562506f9 - Vendor Advisory
-
Source reference
af854a3a-2127-422b-91ae-364da2661108
CVE-2026-42364 was published on 2026-05-04T01:16:03.470Z and modified on 2026-06-15T21:16:53.223Z.