Описание
GeoVision GV-ASWeb with the version 6.1.2.0 or less (fixed in 6.2.0), contains a Remote Code Execution (RCE) vulnerability within its Notification Settings feature. An authenticated attacker with "System Settings" privileges in ASWeb can exploit this flaw to execute arbitrary commands on the server, leading to a full system compromise.
EPSS
Процентиль: 93%
0.1053
Средний
8.8 High
CVSS3
Дефекты
CWE-94
Связанные уязвимости
CVSS3: 8.8
github
11 месяцев назад
GeoVision GV-ASWeb with the version 6.1.2.0 or less, contains a Remote Code Execution (RCE) vulnerability within its Notification Settings feature. An authenticated attacker with "System Settings" privileges in ASWeb can exploit this flaw to execute arbitrary commands on the server, leading to a full system compromise.
EPSS
Процентиль: 93%
0.1053
Средний
8.8 High
CVSS3
Дефекты
CWE-94