CVE-2026-42369

May 4, 2026, 3:21 p.m.

10.0
Critical

Description

GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other security devices. It is a native application accessed locally, but it is also possible to enable remote access via the "WebCam Server" feature. Once enabled, it is possible to access to the management and monitoring feature via a regular Web interface. This webersever is another native application, compiled without ASLR, which makes exploitation much easier and more likely. Most of the features require authentication before being reachable and leverage a standard login page to grant access. However the `gvapi` endpoint uses its own authentication mechanism via an `HTTP Authorization` header. It supports both `Basic` authentication and the `Digest` modes of authentication.   #### Stack-overflow via unbound copy of base64 decoded string The `b64decoder` string is sized dynamically, but it is then copied to the `Buffer` stack variable one character at the time at [0], and there's no bound-check. As such, if the decoded string is bigger than 256 characters (the size of the `Buffer` variable) then a stack overflow occurs. Because the data can be fully controlled by an attacker and lack of ASLR, this vulnerability can easily be exploited to gain full code execution as SYSTEM on the machine running the service.

Product(s) Impacted

Vendor Product Versions
Gv-vms
  • Gv-vms
  • Gv-vms Webserver
  • 20
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a gv-vms gv-vms 20 / / / / / / /
a gv-vms gv-vms_webserver / / / / / / / /

References

https://https://talosintelligence.com/vulnerability_reports/
https://www.geovision.com.tw/cyber_security.php

Tags

CWE-787
0df08a0e-a200-4957-9bb0-084f562506f9
2026-05-04
CVE-2026-42369

CVSS Score

10.0 / 10

CVSS Data - 3.1

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • Scope: CHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

    • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

    View Vector String

Timeline

Published: May 4, 2026, 1:16 a.m.
Last Modified: May 4, 2026, 3:21 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

0df08a0e-a200-4957-9bb0-084f562506f9

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.