CVE-2024-6047

Published Jun 17, 2024

Last updated 18 hours ago

Overview

Description
Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device.
Source: twcert@cert.org.tw
NVD status: Awaiting Analysis
CNA Tags: unsupported-when-assigned

Risk scores

CVSS 3.1

Type: Secondary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

Known exploits

Data from CISA

Vulnerability name: GeoVision Devices OS Command Injection Vulnerability
Exploit added on: May 7, 2025
Exploit action due: May 28, 2025
Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weaknesses

twcert@cert.org.tw
CWE-78

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score: 7

  1. #threatreport #MediumCompleteness Here Comes Mirai: IoT Devices RSVP to Active Exploitation | 07-05-2025 Source: https://t.co/z4y62kusIZ Key details below ↓ 💀Threats: Mirai, Infectedslurs_botnet, 🎯Victims: Geovision iot devices 🏭Industry: Iot 🔓CVEs: CVE-2024-604

    @rst_cloud

    8 May 2025

    34 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. See details and IOCs of @Akamai SIRT’s discovery of active exploitation of the command injection vulnerabilities CVE-2024-6047 and CVE-2024-11120. Learn more. #AkamaiSecurity https://t.co/551tEm98xj https://t.co/J4yOnJdvBX

    @AngeloAkamai

    8 May 2025

    18 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2024-6047 #GeoVision Devices OS Command Injection Vulnerability https://t.co/ChLlWcx4Xy

    @ScyScan

    7 May 2025

    55 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. See details and IOCs of Akamai SIRT’s discovery of active exploitation of the command injection vulnerabilities CVE-2024-6047 and CVE-2024-11120. Learn more. https://t.co/EFtnKu1WnV https://t.co/mHFY2yAIMR

    @Akamai

    7 May 2025

    495 Impressions

    2 Retweets

    8 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. 🚨 GeoVision #IoT Devices Under Siege: Active Exploitation of #CVE-2024-6047 and #CVE-2024-11120 https://t.co/Q0qDT4bUdo

    @UndercodeNews

    7 May 2025

    21 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. In April 2025, Akamai's security team confirmed Mirai botnet activity exploiting command injection vulnerabilities (CVE-2024-6047 and CVE-2024-11120) in GeoVision IoT devices.

    @yousukezan

    7 May 2025

    1027 Impressions

    2 Retweets

    6 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  7. Good morning! Two new KEVs this morning: - CVE-2024-6047 - CVE-2024-11120 Both Unauthenticated OS Command Injection affecting GeoVision EOL devices. https://t.co/AiQ9pP8frc

    @ethicalhack3r

    7 May 2025

    241 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. See details and IOCs of @Akamai SIRT’s discovery of active exploitation of the command injection vulnerabilities CVE-2024-6047 and CVE-2024-11120. Learn more. #AkamaiSecurity https://t.co/HRR6Y8rAsJ https://t.co/JQ0VE7UYh8

    @guigui_0921

    7 May 2025

    29 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  9. See details and IOCs of @Akamai SIRT’s discovery of active exploitation of the command injection vulnerabilities CVE-2024-6047 and CVE-2024-11120. Learn more. #AkamaiSecurity https://t.co/EHs8J0bMgH https://t.co/lQAcoJnv0C

    @ArminBolenius

    7 May 2025

    28 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. ⚠️ Hackers exploit vulnerabilities in Samsung MagicINFO and GeoVision IoT to deploy the Mirai botnet (CVE-2024-6047, CVE-2024-7399, and others) 🐼 Panda Shop: large-scale smishing by a China-based carding group ~ Cyber Alert, May 7 ~ ht

    @MachinaRecord

    7 May 2025

    47 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  11. See details and IOCs of @Akamai SIRT’s discovery of active exploitation of the command injection vulnerabilities CVE-2024-6047 and CVE-2024-11120. Learn more. #AkamaiSecurity https://t.co/zuSKV63u20 https://t.co/7JD4nIYW1x

    @rohitprasad220

    7 May 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes