Vulnerability Details CVE-2026-42364
An os command injection vulnerability exists in the DdnsSetting.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted DDNS configuration can lead to arbitrary command execution. An attacker can modify a configuration value to trigger this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 28.7%
CVSS Severity
CVSS v3 Score 9.9
References
Products affected by CVE-2026-42364
-
cpe:2.3:h:geovision:gv-lpc2011:-
-
cpe:2.3:h:geovision:gv-lpc2211:-
-
cpe:2.3:o:geovision:gv-lpc2011_firmware:1.10
-
cpe:2.3:o:geovision:gv-lpc2211_firmware:1.10