Description
An unauthenticated stack-based buffer overflow vulnerability exists in thttpd in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing web request parameters in a specific request path. A remote attacker may exploit this vulnerability by sending a crafted HTTP request with overly long input, resulting in memory corruption, denial of service, or potentially arbitrary code execution.
Published: 2026-06-26
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A stack‑based buffer overflow in thttpd on GeoVision’s GV‑LPC2011 and GV‑LPC2211 appliances allows an unauthenticated attacker to send an overly long HTTP request that overflows a server buffer, potentially corrupting memory, crashing the service, or executing arbitrary code. This classic stack‑overflow flaw is identified as CWE‑121.

Affected Systems

The vulnerability affects GeoVision Inc.'s GV‑LPC2011 and GV‑LPC2211 appliances that run thttpd. Firmware versions V1.12 and earlier are known to be vulnerable; the listing does not explicitly include V1.13, which is presumed to contain the fix.

Risk and Exploitability

With a CVSS score of 9.8, the issue is critical and remotely exploitable via a crafted HTTP request. EPSS data is unavailable, and the vulnerability is not yet listed in CISA's KEV catalog, but the absence of exploitation data does not reduce the likelihood that attackers will target these widely deployed surveillance devices. Successful exploitation could give the attacker remote code execution or cause a denial of service on the device.

Generated by OpenCVE AI on June 26, 2026 at 08:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the GV‑LPC2011/LPC2211 firmware to a version that includes the thttpd patch (e.g., any release newer than V1.12).
  • If an immediate firmware upgrade is not possible, restrict external network access to the device by placing it behind a firewall or ACL that permits traffic only from trusted hosts or IP ranges.
  • Disable the thttpd service or remove it from the device if the web interface is not required for normal operation.

Generated by OpenCVE AI on June 26, 2026 at 08:51 UTC.

Advisories

No advisories yet.

History

Fri, 26 Jun 2026 16:30:00 +0000

Type: Metrics (ssvc)
Values Added: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 26 Jun 2026 07:45:00 +0000

Values Added, by type:

Description: An unauthenticated stack-based buffer overflow vulnerability exists in thttpd in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing web request parameters in a specific request path. A remote attacker may exploit this vulnerability by sending a crafted HTTP request with overly long input, resulting in memory corruption, denial of service, or potentially arbitrary code execution.
Title: GV-LPC2011/LPC2211 - unauthorized buffer overflow vulnerability (thttpd)
First Time appeared: Geovision Inc.; Geovision Inc. gv-lpclpc2011 2211
Weaknesses: CWE-121
CPEs: cpe:2.3:a:geovision_inc.:gv-lpclpc2011_2211:1.12:*:linux:*:*:*:*:*
      cpe:2.3:a:geovision_inc.:gv-lpclpc2011_2211:1.13:*:linux:*:*:*:*:*
Vendors & Products: Geovision Inc.; Geovision Inc. gv-lpclpc2011 2211
References:
Metrics (cvssV3_1): {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: GV

Published:

Updated: 2026-06-26T15:46:18.283Z

Reserved: 2026-06-26T02:40:42.397Z

Link: CVE-2026-57878

Vulnrichment

Updated: 2026-06-26T15:46:14.673Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-26T09:00:13Z

Weaknesses
  • CWE-121: Stack-based Buffer Overflow