CVE Vulnerability Details :
CVE-2026-12851
PUBLISHED
Assigner: GV
Assigner Org ID: 0df08a0e-a200-4957-9bb0-084f562506f9
Published At: 24 Jun, 2026 | 03:40
Updated At: 24 Jun, 2026 | 12:50
▼CVE Numbering Authority (CNA)
GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability

Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger this vulnerability.

`libNetSetObj.so` is an internal library used by various binaries on the device to configure the network stack (start and stop various services, configure IP, netmask, gateway, DNS, etc.).

#### CNetSetObj::m_F_n_Set_DNS_Addr command injection

The following function takes up to two addresses, performs no sanitization, and then calls `system`. This is a classic command injection vulnerability. The function is reachable from both the network-exposed `DVRSearch` service and the `Network.cgi` endpoint.

```c
int __fastcall CNetSetObj::m_F_n_Set_DNS_Addr(CNetSetObj *this, char *dns1, char *dns2)
{
  int result; // r0
  char v5[80]; // [sp+0h] [bp-50h] BYREF

  if ( !dns1 )
    result = 0;
  if ( dns1 )
  {
    sprintf(v5, "/bin/echo nameserver %s > /etc/resolv.conf", dns1); // attacker controlled dns1 field
    system(v5);
    if ( dns2 )
    {
      sprintf(v5, "/bin/echo nameserver %s >> /etc/resolv.conf", dns2);
      system(v5);
    }
    return 1;
  }
  return result;
}
```
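A hardened counterpart to the routine above, as an added example that is not GeoVision's fix or code from the advisory: the names `set_dns_addr` and `is_ip_literal` and the `resolv_path` parameter are assumptions made for illustration. Each address must parse as an IP literal with `inet_pton()`, and the file is written directly, so no shell ever interprets the input.

```c
/* Added example, not vendor code. set_dns_addr(), is_ip_literal() and resolv_path are hypothetical. */
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>

/* Accept only an IPv4 dotted quad or an IPv6 literal. inet_pton() rejects
 * any string containing shell metacharacters, whitespace or newlines. */
static int is_ip_literal(const char *s)
{
    unsigned char buf[sizeof(struct in6_addr)];
    if (s == NULL || strlen(s) >= INET6_ADDRSTRLEN)
        return 0;
    return inet_pton(AF_INET, s, buf) == 1 || inet_pton(AF_INET6, s, buf) == 1;
}

/* Same contract as the decompiled routine (dns2 optional, 1 on success,
 * 0 on failure), but both values are validated before anything is written
 * and the file is written with stdio instead of a system() command line. */
int set_dns_addr(const char *resolv_path, const char *dns1, const char *dns2)
{
    FILE *fp;
    int ok;

    if (!is_ip_literal(dns1) || (dns2 != NULL && !is_ip_literal(dns2)))
        return 0;                      /* reject before touching the file */

    fp = fopen(resolv_path, "w");      /* truncates, like the original '>' */
    if (fp == NULL)
        return 0;
    ok = fprintf(fp, "nameserver %s\n", dns1) > 0;
    if (ok && dns2 != NULL)
        ok = fprintf(fp, "nameserver %s\n", dns2) > 0;
    if (fclose(fp) != 0)
        ok = 0;
    return ok;
}

int main(void)
{
    /* Constructed inputs; writes to a scratch file, not /etc/resolv.conf. */
    const char *path = "resolv.conf.example";
    printf("valid pair       -> %d\n", set_dns_addr(path, "192.0.2.53", "2001:db8::53"));
    printf("metachar in dns1 -> %d\n", set_dns_addr(path, "192.0.2.53;echo x", NULL));
    remove(path);
    return 0;
}
```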

Affected Products
Vendor
GeoVision Inc.
Product
GV-I/O Box 4E
Platforms
  • Linux
Default Status
unaffected
Versions
Affected
  • V2.09
Unaffected
  • V2.12
Problem Types
Type: CWE
CWE ID: CWE-78
Description: CWE-78 Improper neutralization of special elements used in an OS command ('OS command injection')
Metrics
Version: 3.1
Base score: 9.1
Base severity: CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Impacts
CAPEC ID: N/A
Description: capec-10
Credits

finder: Philippe Laulheret of Cisco Talos
remediation reviewer: Kelly Patterson of Cisco Talos
coordinator: Robert Sherwin of Cisco Talos
Timeline
Event: Finder Reports Vulnerabilities to Vendor
Date: 2026-04-21 07:34:00
References
Hyperlink: https://www.geovision.com.tw/cyber_security.php
Resource: vendor-advisory
Hyperlink: https://talosintelligence.com/vulnerability_reports/TALOS-2026-2379
Resource: third-party-advisory