{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-6047", "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "state": "PUBLISHED", "assignerShortName": "twcert", "dateReserved": "2024-06-17T02:00:24.960Z", "datePublished": "2024-06-17T05:48:42.779Z", "dateUpdated": "2024-08-01T21:25:03.254Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "GV_DSP_LPR_V2", "vendor": "GeoVision", "versions": [{"status": "affected", "version": "all"}]}, {"defaultStatus": "unaffected", "product": "GV_IPCAMD_GV_BX1500", "vendor": "GeoVision", "versions": [{"status": "affected", "version": "all"}]}, {"defaultStatus": "unaffected", "product": "GV_IPCAMD_GV_CB220", "vendor": "GeoVision", "versions": [{"status": "affected", "version": "all"}]}, {"defaultStatus": "unaffected", "product": "GV_IPCAMD_GV_EBL1100", "vendor": "GeoVision", "versions": [{"status": "affected", "version": "all"}]}, {"defaultStatus": "unaffected", "product": "GV_IPCAMD_GV_EFD1100", "vendor": "GeoVision", "versions": [{"status": "affected", "version": "all"}]}, {"defaultStatus": "unaffected", "product": "GV_IPCAMD_GV_FD2410", "vendor": "GeoVision", "versions": [{"status": "affected", "version": "all"}]}, {"defaultStatus": "unaffected", "product": "GV_IPCAMD_GV_FD3400", "vendor": "GeoVision", "versions": [{"status": "affected", "version": "all"}]}, {"defaultStatus": "unaffected", "product": "GV_IPCAMD_GV_FE3401", "vendor": "GeoVision", "versions": [{"status": "affected", "version": "all"}]}, {"defaultStatus": "unaffected", "product": "GV_IPCAMD_GV_FE420", "vendor": "GeoVision", "versions": [{"status": "affected", "version": "all"}]}, {"defaultStatus": "unaffected", "product": "GV-VS14_VS14", "vendor": "GeoVision", "versions": [{"status": "affected", "version": "all"}]}, {"defaultStatus": "unaffected", "product": "GV_VS03", "vendor": "GeoVision", "versions": [{"status": "affected", "version": "all"}]}, {"defaultStatus": "unaffected", "product": "GV_VS2410", "vendor": "GeoVision", "versions": [{"status": "affected", "version": "all"}]}, {"defaultStatus": "unaffected", "product": "GV_VS28XX", "vendor": "GeoVision", "versions": [{"status": "affected", "version": "all"}]}, {"defaultStatus": "unaffected", "product": "GV_VS216XX", "vendor": "GeoVision", "versions": [{"status": "affected", "version": "all"}]}, {"defaultStatus": "unaffected", "product": "GV VS04A", "vendor": "GeoVision", "versions": [{"status": "affected", "version": "all"}]}, {"defaultStatus": "unaffected", "product": "GV VS04H", "vendor": "GeoVision", "versions": [{"status": "affected", "version": "all"}]}, {"defaultStatus": "unaffected", "product": "GVLX 4 V2", "vendor": "GeoVision", "versions": [{"status": "affected", "version": "all"}]}, {"defaultStatus": "unaffected", "product": "GVLX 4 V3", "vendor": "GeoVision", "versions": [{"status": "affected", "version": "all"}]}, {"defaultStatus": "unaffected", "product": "GV_IPCAMD_GV_BX130", "vendor": "GeoVision", "versions": [{"status": "affected", "version": "all"}]}, {"defaultStatus": "unaffected", "product": "GV_GM8186_VS14", "vendor": "GeoVision", "versions": [{"status": "affected", "version": "all"}]}], "datePublic": "2024-06-17T05:48:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device."}], "value": "Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device."}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert", "dateUpdated": "2024-07-17T07:33:54.631Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://www.twcert.org.tw/tw/cp-132-7883-f5635-1.html"}, {"tags": ["third-party-advisory"], "url": "https://www.twcert.org.tw/en/cp-139-7884-c5a8b-2.html"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "All affected products are no longer in surport. Please retire or replace them."}], "value": "All affected products are no longer in surport. Please retire or replace them."}], "source": {"advisory": "TVN-202406015", "discovery": "EXTERNAL"}, "tags": ["unsupported-when-assigned"], "title": "GeoVision EOL device - OS Command Injection", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "geovision", "product": "gv-dsp_lpr_v2", "cpes": ["cpe:2.3:h:geovision:gv-dsp_lpr_v2:0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "geovision", "product": "gv-bx1500", "cpes": ["cpe:2.3:h:geovision:gv-bx1500:0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "geovision", "product": "gv-cb220", "cpes": ["cpe:2.3:h:geovision:gv-cb220:0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "geovision", "product": "gv-ebl1100", "cpes": ["cpe:2.3:h:geovision:gv-ebl1100:0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "geovision", "product": "gv-efd1100", "cpes": ["cpe:2.3:h:geovision:gv-efd1100:0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "geovision", "product": "gv-fd2410", "cpes": ["cpe:2.3:h:geovision:gv-fd2410:0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "geovision", "product": "gv-fd3400", "cpes": ["cpe:2.3:h:geovision:gv-fd3400:0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "geovision", "product": "gv-fd3401", "cpes": ["cpe:2.3:h:geovision:gv-fd3401:0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "geovision", "product": "gv-fe420", "cpes": ["cpe:2.3:h:geovision:gv-fe420:0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "geovision", "product": "gv-vs14", "cpes": ["cpe:2.3:h:geovision:gv-vs14:0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "geovision", "product": "gv-vs03", "cpes": ["cpe:2.3:h:geovision:gv-vs03:0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "geovision", "product": "gv-vs2410", "cpes": ["cpe:2.3:h:geovision:gv-vs2410:0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "geovision", "product": "gv-vs04a", "cpes": ["cpe:2.3:h:geovision:gv-vs04a:0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "geovision", "product": "gv-vs04h", "cpes": ["cpe:2.3:h:geovision:gv-vs04h:0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "geovision", "product": "gv-lx_4_v2", "cpes": ["cpe:2.3:h:geovision:gv-lx_4_v2:0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "geovision", "product": "gv-lx_4_v3", "cpes": ["cpe:2.3:h:geovision:gv-lx_4_v3:0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "geovision", "product": "gv-vs28xx", "cpes": ["cpe:2.3:h:geovision:gv-vs28xx:0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "geovision", "product": "gv-vs216xx", "cpes": ["cpe:2.3:h:geovision:gv-vs216xx:0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-17T13:03:09.938929Z", "id": "CVE-2024-6047", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-17T14:06:47.780Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:25:03.254Z"}, "title": "CVE Program Container", "references": [{"tags": ["third-party-advisory", "x_transferred"], "url": "https://www.twcert.org.tw/tw/cp-132-7883-f5635-1.html"}, {"tags": ["third-party-advisory", "x_transferred"], "url": "https://www.twcert.org.tw/en/cp-139-7884-c5a8b-2.html"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.twcert.org.tw/tw/cp-132-7883-f5635-1.html", "tags": ["third-party-advisory", "x_transferred"]}, {"url": "https://www.twcert.org.tw/en/cp-139-7884-c5a8b-2.html", "tags": ["third-party-advisory", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:25:03.254Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-6047", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-06-17T13:03:09.938929Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:geovision:gv-dsp_lpr_v2:0:*:*:*:*:*:*:*"], "vendor": "geovision", "product": "gv-dsp_lpr_v2", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:geovision:gv-bx1500:0:*:*:*:*:*:*:*"], "vendor": "geovision", "product": "gv-bx1500", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:geovision:gv-cb220:0:*:*:*:*:*:*:*"], "vendor": "geovision", "product": "gv-cb220", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:geovision:gv-ebl1100:0:*:*:*:*:*:*:*"], "vendor": "geovision", "product": "gv-ebl1100", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:geovision:gv-efd1100:0:*:*:*:*:*:*:*"], "vendor": "geovision", "product": "gv-efd1100", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:geovision:gv-fd2410:0:*:*:*:*:*:*:*"], "vendor": "geovision", "product": "gv-fd2410", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:geovision:gv-fd3400:0:*:*:*:*:*:*:*"], "vendor": "geovision", "product": "gv-fd3400", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:geovision:gv-fd3401:0:*:*:*:*:*:*:*"], "vendor": "geovision", "product": "gv-fd3401", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:geovision:gv-fe420:0:*:*:*:*:*:*:*"], "vendor": "geovision", "product": "gv-fe420", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:geovision:gv-vs14:0:*:*:*:*:*:*:*"], "vendor": "geovision", "product": "gv-vs14", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:geovision:gv-vs03:0:*:*:*:*:*:*:*"], "vendor": "geovision", "product": "gv-vs03", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:geovision:gv-vs2410:0:*:*:*:*:*:*:*"], "vendor": "geovision", "product": "gv-vs2410", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:geovision:gv-vs04a:0:*:*:*:*:*:*:*"], "vendor": "geovision", "product": "gv-vs04a", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:geovision:gv-vs04h:0:*:*:*:*:*:*:*"], "vendor": "geovision", "product": "gv-vs04h", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:geovision:gv-lx_4_v2:0:*:*:*:*:*:*:*"], "vendor": "geovision", "product": "gv-lx_4_v2", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:geovision:gv-lx_4_v3:0:*:*:*:*:*:*:*"], "vendor": "geovision", "product": "gv-lx_4_v3", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:geovision:gv-vs28xx:0:*:*:*:*:*:*:*"], "vendor": "geovision", "product": "gv-vs28xx", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:geovision:gv-vs216xx:0:*:*:*:*:*:*:*"], "vendor": "geovision", "product": "gv-vs216xx", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-17T13:42:38.053Z"}}], "cna": {"tags": ["unsupported-when-assigned"], "title": "GeoVision EOL device - OS Command Injection", "source": {"advisory": "TVN-202406015", "discovery": "EXTERNAL"}, "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "GeoVision", "product": "GV_DSP_LPR_V2", "versions": [{"status": "affected", "version": "all"}], "defaultStatus": "unaffected"}, {"vendor": "GeoVision", "product": "GV_IPCAMD_GV_BX1500", "versions": [{"status": "affected", "version": "all"}], "defaultStatus": "unaffected"}, {"vendor": "GeoVision", "product": "GV_IPCAMD_GV_CB220", "versions": [{"status": "affected", "version": "all"}], "defaultStatus": "unaffected"}, {"vendor": "GeoVision", "product": "GV_IPCAMD_GV_EBL1100", "versions": [{"status": "affected", "version": "all"}], "defaultStatus": "unaffected"}, {"vendor": "GeoVision", "product": "GV_IPCAMD_GV_EFD1100", "versions": [{"status": "affected", "version": "all"}], "defaultStatus": "unaffected"}, {"vendor": "GeoVision", "product": "GV_IPCAMD_GV_FD2410", "versions": [{"status": "affected", "version": "all"}], "defaultStatus": "unaffected"}, {"vendor": "GeoVision", "product": "GV_IPCAMD_GV_FD3400", "versions": [{"status": "affected", "version": "all"}], "defaultStatus": "unaffected"}, {"vendor": "GeoVision", "product": "GV_IPCAMD_GV_FE3401", "versions": [{"status": "affected", "version": "all"}], "defaultStatus": "unaffected"}, {"vendor": "GeoVision", "product": "GV_IPCAMD_GV_FE420", "versions": [{"status": "affected", "version": "all"}], "defaultStatus": "unaffected"}, {"vendor": "GeoVision", "product": "GV-VS14_VS14", "versions": [{"status": "affected", "version": "all"}], "defaultStatus": "unaffected"}, {"vendor": "GeoVision", "product": "GV_VS03", "versions": [{"status": "affected", "version": "all"}], "defaultStatus": "unaffected"}, {"vendor": "GeoVision", "product": "GV_VS2410", "versions": [{"status": "affected", "version": "all"}], "defaultStatus": "unaffected"}, {"vendor": "GeoVision", "product": "GV_VS28XX", "versions": [{"status": "affected", "version": "all"}], "defaultStatus": "unaffected"}, {"vendor": "GeoVision", "product": "GV_VS216XX", "versions": [{"status": "affected", "version": "all"}], "defaultStatus": "unaffected"}, {"vendor": "GeoVision", "product": "GV VS04A", "versions": [{"status": "affected", "version": "all"}], "defaultStatus": "unaffected"}, {"vendor": "GeoVision", "product": "GV VS04H", "versions": [{"status": "affected", "version": "all"}], "defaultStatus": "unaffected"}, {"vendor": "GeoVision", "product": "GVLX 4 V2", "versions": [{"status": "affected", "version": "all"}], "defaultStatus": "unaffected"}, {"vendor": "GeoVision", "product": "GVLX 4 V3", "versions": [{"status": "affected", "version": "all"}], "defaultStatus": "unaffected"}, {"vendor": "GeoVision", "product": "GV_IPCAMD_GV_BX130", "versions": [{"status": "affected", "version": "all"}], "defaultStatus": "unaffected"}, {"vendor": "GeoVision", "product": "GV_GM8186_VS14", "versions": [{"status": "affected", "version": "all"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "All affected products are no longer in surport. Please retire or replace them.", "supportingMedia": [{"type": "text/html", "value": "All affected products are no longer in surport. Please retire or replace them.", "base64": false}]}], "datePublic": "2024-06-17T05:48:00.000Z", "references": [{"url": "https://www.twcert.org.tw/tw/cp-132-7883-f5635-1.html", "tags": ["third-party-advisory"]}, {"url": "https://www.twcert.org.tw/en/cp-139-7884-c5a8b-2.html", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device.", "supportingMedia": [{"type": "text/html", "value": "Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert", "dateUpdated": "2024-07-17T07:33:54.631Z"}}}, "cveMetadata": {"cveId": "CVE-2024-6047", "state": "PUBLISHED", "dateUpdated": "2024-08-01T21:25:03.254Z", "dateReserved": "2024-06-17T02:00:24.960Z", "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "datePublished": "2024-06-17T05:48:42.779Z", "assignerShortName": "twcert"}, "dataVersion": "5.1"}

{"cveTags": [{"sourceIdentifier": "twcert@cert.org.tw", "tags": ["unsupported-when-assigned"]}], "descriptions": [{"lang": "en", "value": "Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device."}, {"lang": "es", "value": "Ciertos dispositivos EOL GeoVision no filtran adecuadamente la entrada del usuario para la funcionalidad espec\u00edfica. Los atacantes remotos no autenticados pueden aprovechar esta vulnerabilidad para inyectar y ejecutar comandos arbitrarios del sistema en el dispositivo."}], "id": "CVE-2024-6047", "lastModified": "2024-08-01T22:15:39.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "twcert@cert.org.tw", "type": "Primary"}]}, "published": "2024-06-17T06:15:09.237", "references": [{"source": "twcert@cert.org.tw", "url": "https://www.twcert.org.tw/en/cp-139-7884-c5a8b-2.html"}, {"source": "twcert@cert.org.tw", "url": "https://www.twcert.org.tw/tw/cp-132-7883-f5635-1.html"}], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "twcert@cert.org.tw", "type": "Primary"}]}

{}