CVE-2024-11120

CRITICAL KEV

GeoVision GV-VS12 Firmware - OS Command Injection

Description

Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. Moreover, this vulnerability has already been exploited by attackers, and we have received related reports.

Scores

CVSS v3 9.8
EPSS 0.6614
EPSS Percentile 98.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2025-05-07
VulnCheck KEV 2024-11-15
ENISA EUVD EUVD-2024-33664
CWE CWE-78
Status published
Products (4)
geovision/gv-dsp_lpr_firmware
geovision/gvlx_4_firmware
geovision/gv-vs11_firmware
geovision/gv-vs12_firmware
Published Nov 15, 2024
KEV Added May 07, 2025
Tracked Since Feb 18, 2026