CVE-2024-6047
CRITICAL KEV
GeoVision EOL Devices - Unauthenticated OS Command Injection
Title source: llm
Exploitation Summary
CVE-2024-6047 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added May 7, 2025.
Description
Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device.
References (4)
Core References
Exploit, Third Party Advisory
https://www.akamai.com/blog/security-research/active-exploitation-mirai-geovision-iot-botnet
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-6047
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-7883-f5635-1.html
Third Party Advisory
https://www.twcert.org.tw/en/cp-139-7884-c5a8b-2.html
Scores
CVSS v3
9.8
EPSS
0.7297
EPSS Percentile
98.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
yes
Technical Impact
total
Details
CISA KEV
2025-05-07
VulnCheck KEV
2024-09-04
ENISA EUVD
EUVD-2024-47205
CWE
CWE-78
Status
published
Products (20)
geovision/gv-bx130_firmware
geovision/gv-bx1500_firmware
geovision/gv-cb220_firmware
geovision/gv-dsp_lpr_firmware
geovision/gv-ebl1100_firmware
geovision/gv-efd1100_firmware
geovision/gv-fd2410_firmware
geovision/gv-fd3400_firmware
geovision/gv-fe3401_firmware
geovision/gv-fe420_firmware
... and 10 more
Published
Jun 17, 2024
KEV Added
May 07, 2025
Tracked Since
Feb 18, 2026