GeoWebPlayer

Source - CNA
CNA CVEs - 18
ADP CVEs - 0
CISA CVEs - 0
NVD CVEs - 0
18 Vulnerabilities found

CVE-2026-57278
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.28% / 19.84%
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:26
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server connectInfo handler stack-based buffer overflow vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. One of them, `connectionInfo`, is meant to provide the necessary details to connect to a camera. The handler associated with this command, which we call `handle_connection_info`, contains multiple instances of string copy that can overflow. The function `handle_connect_info` copies attacker-controlled JSON strings into fixed-size buffers using manual byte-by-byte loops that do not enforce length limits.

#### Buffer Overflow in ip field

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-57277
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.28% / 19.84%
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:25
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server connectInfo handler stack-based buffer overflow vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. One of them, `connectionInfo`, is meant to provide the necessary details to connect to a camera. The handler associated with this command, which we call `handle_connection_info`, contains multiple instances of string copy that can overflow. The function `handle_connect_info` copies attacker-controlled JSON strings into fixed-size buffers using manual byte-by-byte loops that do not enforce length limits.

#### Buffer Overflow in key field

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-57276
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.29% / 20.41%
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:25
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server connectInfo handler stack-based buffer overflow vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. One of them, `connectionInfo`, is meant to provide the necessary details to connect to a camera. The handler associated with this command, which we call `handle_connection_info`, contains multiple instances of string copy that can overflow. The function `handle_connect_info` copies attacker-controlled JSON strings into fixed-size buffers using manual byte-by-byte loops that do not enforce length limits.

#### Buffer Overflow in password field (key present)

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-57275
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.29% / 20.41%
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:24
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server connectInfo handler stack-based buffer overflow vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. One of them, `connectionInfo`, is meant to provide the necessary details to connect to a camera. The handler associated with this command, which we call `handle_connection_info`, contains multiple instances of string copy that can overflow. The function `handle_connect_info` copies attacker-controlled JSON strings into fixed-size buffers using manual byte-by-byte loops that do not enforce length limits.

#### Buffer Overflow in username field (key present)

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-57274
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.29% / 20.41%
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:24
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server connectInfo handler stack-based buffer overflow vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. One of them, `connectionInfo`, is meant to provide the necessary details to connect to a camera. The handler associated with this command, which we call `handle_connection_info`, contains multiple instances of string copy that can overflow. The function `handle_connect_info` copies attacker-controlled JSON strings into fixed-size buffers using manual byte-by-byte loops that do not enforce length limits.

#### Buffer Overflow in password field (no key present)

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-57273
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.29% / 20.41%
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:23
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server connectInfo handler stack-based buffer overflow vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. One of them, `connectionInfo`, is meant to provide the necessary details to connect to a camera. The handler associated with this command, which we call `handle_connection_info`, contains multiple instances of string copy that can overflow. The function `handle_connect_info` copies attacker-controlled JSON strings into fixed-size buffers using manual byte-by-byte loops that do not enforce length limits.

#### Buffer Overflow in username field (no key present)

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2026-57272
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.25% / 15.87%
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:22
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. Many of the commands will take an `index` value that is then used to access various arrays to enter critical sections, perform various actions via function calls, etc. However, the `index` value is usually not checked for valid range, and as such it can be used to access multiple arrays out-of-bound.

#### byPass command index-out-of-bound

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2026-57271
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.24% / 14.31%
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:21
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly.

#### pause command index-out-of-bound

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2026-57270
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.22% / 12.41%
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:21
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. Many of the commands will take an `index` value that is then used to access various arrays to enter critical sections, perform various actions via function calls, etc. However, the `index` value is usually not checked for valid range, and as such it can be used to access multiple arrays out-of-bound.

#### play command index-out-of-bound

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2026-57269
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.24% / 14.97%
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:20
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. Many of the commands will take an `index` value that is then used to access various arrays to enter critical sections, perform various actions via function calls, etc. However, the `index` value is usually not checked for valid range, and as such it can be used to access multiple arrays out-of-bound.

#### disconnect command index-out-of-bound

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2026-57268
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.29% / 20.40%
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:20
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. Many of the commands will take an `index` value that is then used to access various arrays to enter critical sections, perform various actions via function calls, etc. However, the `index` value is usually not checked for valid range, and as such it can be used to access multiple arrays out-of-bound.

### saveVideo command index-out-of-bound

When sending the `saveVideo` command, the `index` field is extracted from the websocket message ([1]). Then, without checking the range of the index, it is used to trigger a CriticalSection ([2]) and release it ([3]). The release function call ([3]) is executed using a function pointer which will be read out of bounds, potentially leading to code execution:

```
v6 = get_entry(a2, "index");
result = json_is_value_int(v6);
if ( (_BYTE)result )
{
  v8 = get_entry(a2, "index");
  index = json_value_to_int(&v8->value);                                      // [1]
  result = CCriticalSection::EnterCritSection(&this->crit_sections[index]);   // [2]
  if ( result )
  {
    if ( this->array_of_IPCams[index] )
    {
      if ( this->array_of_IPCams[index]->field_20 )
        do_PostMessageA((CViewer *)this->array_of_IPCams[index], 0x111u, 0x139Fu, v11);
    }
    return (*(int (__thiscall **)(CCriticalSection *))(this->crit_sections[index].vtbl + 20))(&this->crit_sections[index]); // [3]
  }
}
```

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2026-57267
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.22% / 12.41%
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:19
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. Many of the commands will take an `index` value that is then used to access various arrays to enter critical sections, perform various actions via function calls, etc. However, the `index` value is usually not checked for valid range, and as such it can be used to access multiple arrays out-of-bound.

#### snapshot command index-out-of-bound

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2026-57266
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.21% / 11.89%
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:19
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. Many of the commands will take an `index` value that is then used to access various arrays to enter critical sections, perform various actions via function calls, etc. However, the `index` value is usually not checked for valid range, and as such it can be used to access multiple arrays out-of-bound.

#### 2wayAudio command index-out-of-bound

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2026-57265
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.21% / 11.89%
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:18
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. Many of the commands will take an `index` value that is then used to access various arrays to enter critical sections, perform various actions via function calls, etc. However, the `index` value is usually not checked for valid range, and as such it can be used to access multiple arrays out-of-bound.

#### audio command index-out-of-bound

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2026-57264
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.21% / 11.89%
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:18
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. Many of the commands will take an `index` value that is then used to access various arrays to enter critical sections, perform various actions via function calls, etc. However, the `index` value is usually not checked for valid range, and as such it can be used to access multiple arrays out-of-bound.

#### setPIP command index-out-of-bound

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2026-13132
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.21% / 11.89%
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:17
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. Many of the commands will take an `index` value that is then used to access various arrays to enter critical sections, perform various actions via function calls, etc. However, the `index` value is usually not checked for valid range, and as such it can be used to access multiple arrays out-of-bound.

#### setStream command index-out-of-bound

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2026-13131
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.3||HIGH
EPSS-0.21% / 11.89%
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:14
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. The Websocket server can accept various commands coming from localhost. Many of the commands will take an `index` value that is then used to access various arrays to enter critical sections, perform various actions via function calls, etc. However, the `index` value is usually not checked for valid range, and as such it can be used to access multiple arrays out-of-bound.

#### connectInfo command index-out-of-bound

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2026-13125
Assigner-0df08a0e-a200-4957-9bb0-084f562506f9
CVSS Score-8.8||HIGH
EPSS-0.23% / 13.38%
7 Day CHG~0.00%
Published-02 Jul, 2026 | 02:14
Updated-02 Jul, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GeoVision GeoWebPlayer 1.1.1.0 Websocket Server function vulnerability

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces provided by the GeoVision software and may be necessary for them to function properly. In order to access the websocket server, no authentication is required. As such, any malicious website can attempt to open a connection to the server and potentially access sensitive APIs. In particular, it's possible to call a combination of the `create` method and `getScreenCapture` to retrieve the content of the user's screen.

Action-Not Available
Vendor-GeoVision Inc.
Product-GeoWebPlayer
CWE ID-CWE-306
Missing Authentication for Critical Function