Description
A vulnerability was detected in 648540858 wvp-GB28181-pro up to 2.7.4-20260107. Affected by this vulnerability is the function getDownloadFilePath of the file /src/main/java/com/genersoft/iot/vmp/media/abl/ABLMediaNodeServerService.java of the component IP Address Handler. The manipulation of the argument MediaServer.streamIp results in server-side request forgery. The attack may be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-03-12
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Server‑Side Request Forgery
Action: Apply Patch
AI Analysis

Impact

The getDownloadFilePath method in wvp‑GB28181‑pro accepts a MediaServer.streamIp parameter that is not validated, enabling an attacker to craft URLs that force the server to initiate outbound HTTP requests. Key detail from the CVE description: "The manipulation of the argument MediaServer.streamIp results in server‑side request forgery." This can allow an attacker to reach internal network resources or retrieve sensitive data. The weakness is a Server‑Side Request Forgery (SSRF), categorized as CWE‑918. The attack is launched remotely and can expose internal systems if the application can reach them.

Affected Systems

The affected product is 648540858 wvp‑GB28181‑pro, in all releases up to and including version 2.7.4‑20260107, as noted in the CVE description. No information is available for later releases.

Risk and Exploitability

The CVSS base score is 5.3, indicating moderate severity. The EPSS score is reported as less than 1%, implying a low current exploitation likelihood, and the vulnerability is not listed in the CISA KEV catalog (source: CVE scoring data). The description states that the attack can be launched remotely and that the exploit is publicly available (source: reference links). Because the flaw is an SSRF that can target arbitrary hosts, environments where the application has outbound connectivity to internal resources face higher risk. Given the low EPSS, however, the immediate threat level is moderate.

Generated by OpenCVE AI on March 18, 2026 at 16:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check for and apply any available vendor patch or upgrade to a newer unaffected release if offered.
  • If no patch is available, restrict outbound HTTP connections from the application to only trusted IP ranges via firewall rules.
  • Disable or strongly restrict access to the getDownloadFilePath endpoint, ensuring only authenticated and authorized users can invoke it.
  • Monitor application logs for abnormal outbound connections or unexpected use of the MediaServer.streamIp parameter.
  • Contact the vendor to request an official fix or advisory if none has been released.
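
As an interim control alongside the actions above, a deployment can validate streamIp before it is stored or used to build any outbound request URL. The following is an added example, not code from wvp-GB28181-pro or its vendor: the class name StreamIpGuard, the allowlist entries and the IPv4-only scope are assumptions made for illustration.

```java
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.Set;

// Added example: hypothetical helper, not code from wvp-GB28181-pro.
public final class StreamIpGuard {
    // Constructed sample allowlist of the operator's own media nodes.
    private static final Set<String> ALLOWED_NODES = Set.of("10.20.0.5", "203.0.113.10");

    private StreamIpGuard() {}

    /** Parses a strict dotted-quad IPv4 literal; returns null for anything else. */
    static InetAddress parseIpv4(String value) {
        if (value == null) return null;
        String[] parts = value.split("\\.", -1);
        if (parts.length != 4) return null;
        byte[] raw = new byte[4];
        for (int i = 0; i < 4; i++) {
            // No leading zeros, signs, hex or whitespace: avoids octal/hex ambiguity.
            if (!parts[i].matches("0|[1-9][0-9]{0,2}")) return null;
            int octet = Integer.parseInt(parts[i]);
            if (octet > 255) return null;
            raw[i] = (byte) octet;
        }
        try {
            return InetAddress.getByAddress(raw); // never performs a DNS lookup
        } catch (UnknownHostException e) {
            return null; // not reachable for a 4-byte array
        }
    }

    /** True only when streamIp is a literal, is not a never-valid target, and is allowlisted. */
    public static boolean isAllowed(String streamIp) {
        InetAddress addr = parseIpv4(streamIp);
        if (addr == null) return false;              // host names and URL syntax are rejected
        if (addr.isLoopbackAddress() || addr.isLinkLocalAddress()
                || addr.isAnyLocalAddress() || addr.isMulticastAddress()) {
            return false;                            // e.g. 127.0.0.1, 169.254.169.254
        }
        return ALLOWED_NODES.contains(addr.getHostAddress());
    }

    public static void main(String[] args) {
        for (String s : new String[] {"203.0.113.10", "127.0.0.1", "169.254.169.254",
                "203.0.113.10@internal.example", "0x7f.0.0.1", "198.51.100.7"}) {
            System.out.println(s + " -> " + (isAllowed(s) ? "allow" : "reject"));
        }
    }
}
```

Private ranges are not rejected outright here because media nodes often sit on an internal LAN; the allowlist decides which of those addresses are legitimate, and the egress firewall rule remains the backstop.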

Advisories

No advisories yet.

History

Thu, 12 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 12 Mar 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared 648540858
648540858 wvp-gb28181-pro
Vendors & Products 648540858
648540858 wvp-gb28181-pro

Thu, 12 Mar 2026 00:15:00 +0000

Type Values Removed Values Added
Description A vulnerability was detected in 648540858 wvp-GB28181-pro up to 2.7.4-20260107. Affected by this vulnerability is the function getDownloadFilePath of the file /src/main/java/com/genersoft/iot/vmp/media/abl/ABLMediaNodeServerService.java of the component IP Address Handler. The manipulation of the argument MediaServer.streamIp results in server-side request forgery. The attack may be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Title 648540858 wvp-GB28181-pro IP Address ABLMediaNodeServerService.java getDownloadFilePath server-side request forgery
Weaknesses CWE-918
References
Metrics cvssV2_0

{'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-03-12T13:27:18.920Z

Reserved: 2026-03-11T13:31:34.186Z

Link: CVE-2026-3966

Vulnrichment

Updated: 2026-03-12T13:27:14.537Z

NVD

Status: Deferred

Published: 2026-03-12T00:16:12.230

Modified: 2026-04-29T01:00:01.613

Link: CVE-2026-3966

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-20T15:36:24Z

Weaknesses