CVE-2025-26264

HIGH

GeoVision GV-ASWeb <= 6.1.2.0 - Authenticated Remote Code Execution via Notification Settings

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2025-26264. PoCs published by Giorgi Dograshvili, DRAGOWN.

AI-analyzed exploit summary: This is a writeup describing a Remote Code Execution (RCE) vulnerability in GeoVision ASManager Windows Application 6.1.2.0. The vulnerability is in the 'Notification Settings' feature and requires authentication with 'System Settings' privileges.

Description

GeoVision GV-ASWeb version 6.1.2.0 or earlier (fixed in 6.2.0) contains a Remote Code Execution (RCE) vulnerability in its Notification Settings feature. An authenticated attacker with "System Settings" privileges in ASWeb can exploit this flaw to execute arbitrary commands on the server, leading to full system compromise.

Exploits (2)

exploitdb WRITEUP
by Giorgi Dograshvili · text · remote · windows
https://www.exploit-db.com/exploits/52424

This is a writeup describing a Remote Code Execution (RCE) vulnerability in GeoVision ASManager Windows Application 6.1.2.0. The vulnerability is in the 'Notification Settings' feature and requires authentication with 'System Settings' privileges.

Classification: Writeup 90%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: GeoVision GV-ASWeb 6.1.2.0 or less
Auth required
Prerequisites: Network access to the GV-ASManager web application · Access to an account with the privilege to manage the Notification Settings feature
devstral-2 · analyzed Feb 16, 2026
nomisec WRITEUP 7 stars
by DRAGOWN · poc
https://github.com/DRAGOWN/CVE-2025-26264

This repository provides a detailed writeup and proof-of-concept for CVE-2025-26264, an RCE vulnerability in GeoVision GV-ASWeb v6.1.2.0 or less. The exploit leverages the Notification Settings feature to execute arbitrary commands via PowerShell, leading to full system compromise.

Classification: Writeup 90%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: GeoVision GV-ASWeb v6.1.2.0 or less
Auth required
Prerequisites: Network access to the GV-ASManager web application · Account with 'System Settings' privileges
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 8.8
EPSS 0.2954
EPSS Percentile 96.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE CWE-94
Status published
Published Feb 27, 2025
Tracked Since Feb 18, 2026