What is CVE-2026-42367?

CVE-2026-42367 is a medium-severity vulnerability in Geovision Gv-lpc2011, classified under Insufficiently Protected Credentials. CVSS score: 6.5/10. Published 2026-05-04.

How severe is CVE-2026-42367?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Geovision Gv-lpc2011

CVE-2026-42367

A privilege escalation vulnerability exists in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to credentials leak. An attacker can visit a webpage to trigger this vuln…

EPSS: 0.000 (7.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Geovision Gv-lpc2011
Geovision Gv-lpc2011_firmware — versions 1.10
Geovision Gv-lpc2211
Geovision Gv-lpc2211_firmware — versions 1.10
Geovision Inc. Gv-lpc2011/lpc2211 — versions V1.10, V1.20

Weakness classification (CWE)

CWE-522 — Insufficiently Protected Credentials

References

0df08a0e-a200-4957-9bb0-084f562506f9 (vendor-advisory, Vendor Advisory)
0df08a0e-a200-4957-9bb0-084f562506f9 (Third Party Advisory, third-party-advisory)

Frequently asked questions

What is CVE-2026-42367?: CVE-2026-42367 is a medium-severity vulnerability in Geovision Gv-lpc2011, classified under Insufficiently Protected Credentials. CVSS score: 6.5/10. Published 2026-05-04.
How severe is CVE-2026-42367?: Medium severity. CVSS v3 base score is 6.5 out of 10.