Security Advisory

CVE-2026-7841

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-05-06 06:47:53

Last updated 2026-05-07 01:13:11

Assigner GV

State PUBLISHED

Description

A remote code execution vulnerability exists in Notification Settings on GeoVision GV-ASWeb 6.2.0. An authenticated user with System Setting permissions can execute arbitrary commands on the server by sending a crafted HTTP POST request to the ASWebCommon.srf backend endpoint to bypass the frontend restrictions.

← Browse all CVEs View on cve.org ↗