Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-13125

Summary
Assigner-GV
Assigner Org ID-0df08a0e-a200-4957-9bb0-084f562506f9
Published At-02 Jul, 2026 | 02:14
Updated At-02 Jul, 2026 | 12:30
Rejected At-
Credits

GeoVision GeoWebPlayer 1.1.1.0 Websocket Server function vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. In order to access the websocket server, no authentication is required. As such, any malicious website can attempt to open a connection to the server and potentially access sensitive APIs. In particular, it's possible to call a combination of the `create` method and `getScreenCapture` to retrieve the content of the user's screen.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GV
Assigner Org ID:0df08a0e-a200-4957-9bb0-084f562506f9
Published At:02 Jul, 2026 | 02:14
Updated At:02 Jul, 2026 | 12:30
Rejected At:
▼CVE Numbering Authority (CNA)
GeoVision GeoWebPlayer 1.1.1.0 Websocket Server function vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. In order to access the websocket server, no authentication is required. As such, any malicious website can attempt to open a connection to the server and potentially access sensitive APIs. In particular, it's possible to call a combination of the `create` method and `getScreenCapture` to retrieve the content of the user's screen.

Affected Products
Vendor
GeoVision Inc.
Product
GeoWebPlayer
Package Name
GeoWebPlayer
Platforms
  • Windows
  • 64 bit
Default Status
unaffected
Versions
Affected
  • V1.1.1.0
Unaffected
  • V1.1.3.0
Problem Types
TypeCWE IDDescription
CWECWE-306CWE-306 Missing authentication for critical function
Type: CWE
CWE ID: CWE-306
Description: CWE-306 Missing authentication for critical function
Metrics
VersionBase scoreBase severityVector
3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-1CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs
CAPEC ID: CAPEC-1
Description: CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs
Solutions

The vulnerability has been patched with GeoWebPlayer V1.1.3.0

Configurations

Workarounds

Exploits

Credits

finder
Philippe Laulheret of Cisco Talos
remediation reviewer
Kelly Patterson of Cisco Talos
coordinator
Robert Sherwin of Cisco Talos
Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.geovision.com.tw/cyber_security.php
N/A
Hyperlink: https://www.geovision.com.tw/cyber_security.php
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.talosintelligence.com/vulnerability_reports/TALOS-2026-2370
N/A
Hyperlink: https://www.talosintelligence.com/vulnerability_reports/TALOS-2026-2370
Resource: N/A
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:0df08a0e-a200-4957-9bb0-084f562506f9
Published At:02 Jul, 2026 | 04:17
Updated At:02 Jul, 2026 | 16:51

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. In order to access the websocket server, no authentication is required. As such, any malicious website can attempt to open a connection to the server and potentially access sensitive APIs. In particular, it's possible to call a combination of the `create` method and `getScreenCapture` to retrieve the content of the user's screen.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L
N/A
Type: Secondary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

Weaknesses
CWE IDTypeSource
CWE-306Secondary0df08a0e-a200-4957-9bb0-084f562506f9
CWE ID: CWE-306
Type: Secondary
Source: 0df08a0e-a200-4957-9bb0-084f562506f9
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://www.geovision.com.tw/cyber_security.php0df08a0e-a200-4957-9bb0-084f562506f9
N/A
https://www.talosintelligence.com/vulnerability_reports/TALOS-2026-2370af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: https://www.geovision.com.tw/cyber_security.php
Source: 0df08a0e-a200-4957-9bb0-084f562506f9
Resource: N/A
Hyperlink: https://www.talosintelligence.com/vulnerability_reports/TALOS-2026-2370
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

0Records found

Details not found