PatchSiren

CVE-2026-7841 GeoVision Inc. CVE debrief

A remote code execution vulnerability exists in Notification Settings on GeoVision GV-ASWeb 6.2.0. An authenticated user with System Setting permissions can execute arbitrary commands on the server by sending a crafted HTTP POST request to the ASWebCommon.srf backend endpoint to bypass the frontend restrictions.

Vendor: GeoVision Inc.
Product: ASManager
CVSS: HIGH 8.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-06
Original CVE updated: 2026-05-19
Advisory published: 2026-05-06
Advisory updated: 2026-05-19

Who should care

Organizations using GeoVision GV-ASWeb 6.2.0 for access control and security management, particularly those with external-facing administrative interfaces or multiple users granted System Setting permissions.

Technical summary

CVE-2026-7841 is a high-severity remote code execution vulnerability in GeoVision GV-ASWeb 6.2.0. The flaw resides in the Notification Settings functionality, where an authenticated attacker with System Setting permissions can submit a crafted HTTP POST request directly to the ASWebCommon.srf backend endpoint. This bypasses frontend restrictions and allows arbitrary command execution on the server. The vulnerability requires low attack complexity and low privileges, with no user interaction needed. The attack vector is network-based, and successful exploitation results in high impact to confidentiality, integrity, and availability.

Defensive priority

HIGH

Recommended defensive actions

  • Restrict network access to GV-ASWeb 6.2.0 administrative interfaces to trusted administrative hosts only
  • Audit and limit System Setting permissions to essential personnel
  • Monitor for anomalous HTTP POST requests to the ASWebCommon.srf endpoint
  • Apply vendor security updates when available from GeoVision
  • Review notification configuration changes for unauthorized modifications
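
A triage sketch for the access-restriction, monitoring and configuration-review actions above; this is an added example, not code from GeoVision or from the advisory. It assumes the web server writes Common/Combined Log Format and that 10.20.30.0/28 is the trusted management subnet; the log lines, addresses and request paths are constructed.

```python
import ipaddress
import re
from urllib.parse import unquote, urlsplit

# Assumption: the management subnet allowed to reach the admin interface.
TRUSTED_ADMIN_NETS = [ipaddress.ip_network("10.20.30.0/28")]
ENDPOINT = "aswebcommon.srf"  # matched case-insensitively, by file name only
# Assumption: Common/Combined Log Format; adapt the pattern to the real server.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

def is_trusted(ip_text):
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return False  # unparseable client field is never trusted
    return any(ip in net for net in TRUSTED_ADMIN_NETS)

def review_posts(lines):
    """Split POSTs to the endpoint into (untrusted, trusted) event lists."""
    untrusted, trusted = [], []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        # Drop the query string and decode %-escapes before comparing names.
        name = unquote(urlsplit(m["target"]).path).rsplit("/", 1)[-1]
        if name.lower() != ENDPOINT:
            continue
        event = {"ip": m["ip"], "user": m["user"], "time": m["ts"],
                 "status": int(m["status"])}
        (trusted if is_trusted(m["ip"]) else untrusted).append(event)
    return untrusted, trusted

# Constructed sample log lines (documentation address ranges, made-up paths).
SAMPLE_LOG = [
    '10.20.30.5 - admin [06/May/2026:09:12:01 +0000] "POST /ASWebCommon.srf HTTP/1.1" 200 512',
    '203.0.113.45 - - [06/May/2026:23:40:02 +0000] "GET /ASWebCommon.srf HTTP/1.1" 200 900',
    '203.0.113.45 - - [06/May/2026:23:40:17 +0000] "POST /ASWebCommon.srf?t=1 HTTP/1.1" 200 431',
    '198.51.100.7 - - [07/May/2026:02:03:44 +0000] "POST /aswebcommon.SRF HTTP/1.1" 500 0',
    '10.20.30.5 - admin [07/May/2026:08:00:00 +0000] "POST /other.srf HTTP/1.1" 200 120',
]

if __name__ == "__main__":
    alerts, to_correlate = review_posts(SAMPLE_LOG)
    print("ALERT (untrusted source):", alerts)
    print("REVIEW (trusted source):", to_correlate)
```

POSTs from trusted hosts are returned rather than discarded because the flaw is reachable by any authenticated user with System Setting permissions; compare their timestamps with recorded notification configuration changes.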

Evidence notes

CVE published 2026-05-06; modified 2026-05-19. CVSS 3.1 score 8.8 (HIGH). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. CWE-94 (Improper Control of Generation of Code). Vendor identified as GeoVision based on reference domain. Vulnerability affects GV-ASWeb 6.2.0 specifically. No KEV listing as of disclosure date.
