- Description
- Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device.
- Source
- twcert@cert.org.tw
- NVD status
- Analyzed
- CNA Tags
- unsupported-when-assigned
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- GeoVision Devices OS Command Injection Vulnerability
- Exploit added on
- May 7, 2025
- Exploit action due
- May 28, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- twcert@cert.org.tw
- CWE-78
- Hype score
- Not currently trending
#Malware #Vulnerability Botnet Exploits Old GeoVision IoT Devices via CVE-2024-6047 & CVE-2024-11120 https://t.co/ueeF5Mt5mC
@Komodosec
30 Jun 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Akamai セキュリティブログ:Mirai が招く、IoT デバイスの悪用 廃止済みの GeoVision IoTデバイスにおけるコマンドインジェクションの脆弱性(CVE-2024-6047、CVE-2024-11120)が悪用されていることを確認。本ブログでは
@akamai_jp
2 Jun 2025
259 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
See details and IOCs of @Akamai SIRT’s discovery of active exploitation of the command injection vulnerabilities CVE-2024-6047 and CVE-2024-11120. Learn more. #AkamaiSecurity https://t.co/gxIuUvQiLL https://t.co/ffArbbYX4R
@RaghuNain
15 May 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
See details and IOCs of @Akamai SIRT’s discovery of active exploitation of the command injection vulnerabilities CVE-2024-6047 and CVE-2024-11120. Learn more. #AkamaiSecurity https://t.co/B7enCNcVKW https://t.co/j5fZYjzbpY
@epichol
12 May 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-6047
@transilienceai
11 May 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-6047
@transilienceai
10 May 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
#threatreport #MediumCompleteness Here Comes Mirai: IoT Devices RSVP to Active Exploitation | 07-05-2025 Source: https://t.co/z4y62kusIZ Key details below ↓ 💀Threats: Mirai, Infectedslurs_botnet, 🎯Victims: Geovision iot devices 🏭Industry: Iot 🔓CVEs: CVE-2024-604
@rst_cloud
8 May 2025
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
See details and IOCs of @Akamai SIRT’s discovery of active exploitation of the command injection vulnerabilities CVE-2024-6047 and CVE-2024-11120. Learn more. #AkamaiSecurity https://t.co/551tEm98xj https://t.co/J4yOnJdvBX
@AngeloAkamai
8 May 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2024-6047 #GeoVision Devices OS Command Injection Vulnerability https://t.co/ChLlWcx4Xy
@ScyScan
7 May 2025
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
See details and IOCs of Akamai SIRT’s discovery of active exploitation of the command injection vulnerabilities CVE-2024-6047 and CVE-2024-11120. Learn more. https://t.co/EFtnKu1WnV https://t.co/mHFY2yAIMR
@Akamai
7 May 2025
495 Impressions
2 Retweets
8 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 GeoVision #IoT Devices Under Siege: Active Exploitation of #CVE-2024-6047 and #CVE-2024-11120 https://t.co/Q0qDT4bUdo
@UndercodeNews
7 May 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
2025年4月、Akamaiのセキュリティチームは、GeoVision製IoTデバイスに存在するコマンドインジェクションの脆弱性(CVE-2024-6047およびCVE-2024-11120)を悪用するMiraiボットネットの活動を確認した。
@yousukezan
7 May 2025
1027 Impressions
2 Retweets
6 Likes
1 Bookmark
0 Replies
0 Quotes
Good morning! Two new KEVs this morning: - CVE-2024-6047 - CVE-2024-11120 Both Unauthenticated OS Command Injection affecting GeoVision EOL devices. https://t.co/AiQ9pP8frc
@ethicalhack3r
7 May 2025
241 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
See details and IOCs of @Akamai SIRT’s discovery of active exploitation of the command injection vulnerabilities CVE-2024-6047 and CVE-2024-11120. Learn more. #AkamaiSecurity https://t.co/HRR6Y8rAsJ https://t.co/JQ0VE7UYh8
@guigui_0921
7 May 2025
29 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
See details and IOCs of @Akamai SIRT’s discovery of active exploitation of the command injection vulnerabilities CVE-2024-6047 and CVE-2024-11120. Learn more. #AkamaiSecurity https://t.co/EHs8J0bMgH https://t.co/lQAcoJnv0C
@ArminBolenius
7 May 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ハッカーらがSamsung MagicINFOとGeoVision IoTの脆弱性を悪用し、Miraiボットネットを展開(CVE-2024-6047、CVE-2024-7399他) 🐼Panda Shop:中国系カーディング集団の大規模スミッシング 〜サイバーアラート 5月7日〜 ht
@MachinaRecord
7 May 2025
47 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
See details and IOCs of @Akamai SIRT’s discovery of active exploitation of the command injection vulnerabilities CVE-2024-6047 and CVE-2024-11120. Learn more. #AkamaiSecurity https://t.co/zuSKV63u20 https://t.co/7JD4nIYW1x
@rohitprasad220
7 May 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gv-dsp_lpr_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A816357-E53E-45DB-8655-2168D9B81F9F"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gv-dsp_lpr:2.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "154516B8-F25A-4426-8EA5-C27E0FB0DEEB"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gv_ipcamd_gv_bx130_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C7E9068-B0C2-4BA9-BBBE-88018F6E1ECB"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gv_ipcamd_gv_bx130:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F45BD759-67ED-41E8-936C-AF60D13D08B7"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gv_ipcamd_gv_bx1500_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "52B756CC-3EBB-412C-93DE-0A13EC8F351C"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gv_ipcamd_gv_bx1500:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A0682970-0181-4624-98EB-3DFD532FC544"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gv_ipcamd_gv_cb220_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C57D7FF6-B98E-4B11-BCBD-56EA1DE6B4B1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gv_ipcamd_gv_cb220:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2BEA1E46-35C8-4E50-A877-5BD9B5F05DBE"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gv_ipcamd_gv_ebl1100_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DF6A2AC0-0130-4634-9B8C-E7A97E3EB96D"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gv_ipcamd_gv_ebl1100:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0DC06FEC-DF9C-4609-81EA-697856D05FEF"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gv_ipcamd_gv_efd1100_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3BB3DF05-C757-4CA1-8F34-A21EBB541086"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gv_ipcamd_gv_efd1100:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4FB49A19-BFB2-42DC-90ED-D1951DCEB98B"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gv_ipcamd_gv_fd2410_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "12890B2C-8483-4BB8-89B8-44AF30A660F9"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gv_ipcamd_gv_fd2410:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F159EE17-8BFC-4A7E-9A28-CBC28D9F36E6"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gv_ipcamd_gv_fd3400_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "63B8E8F7-ABDE-4F64-B179-63757632E3BA"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gv_ipcamd_gv_fd3400:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "49206BF6-C107-4D75-A980-060F8F7A3A18"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gv_ipcamd_gv_fe3401_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7C34FE68-E6B9-4F02-B1E4-910274A30FC9"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gv_ipcamd_gv_fe3401:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "64901613-1F8B-4406-BD5C-E2363AA8E95A"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gv_ipcamd_gv_fe420_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0970DE3D-8D63-4623-954C-119C055EC985"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gv_ipcamd_gv_fe420:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F4F93892-27B6-4161-B791-F1CECC1A065F"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gv_gm8186_vs14_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A16D884B-01DD-47DD-BF7C-472C72D6A963"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gv_gm8186_vs14:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3612EE1F-DB21-4C2D-9E16-C1560080EB7D"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gv-vs14_vs14_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "34AD0CE6-AB6A-4F0D-863D-4A0BE4B79A12"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gv-vs14_vs14:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1B49A4E1-B587-442E-A243-0229DDC207B0"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gv_vs03_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F4FEB6A-4296-4159-9952-7E81A2F59915"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gv_vs03:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AD570DE5-22A6-4FC5-AA58-E564EC4073A1"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gv_vs2410_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84F9F838-BDA5-43E0-9867-DF8B993B14AA"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gv_vs2410:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B037689D-0A74-4945-8200-4E1A662C2AEB"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gv_vs28xx_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1C9707F0-D906-42FA-AC4D-1C8345DAB336"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gv_vs216xx_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82E985B3-A6B5-4EF4-A798-AD8C490E4AA4"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gv_vs216xx:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "6019779D-7B09-459A-B4D0-E13D64493D4A"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gv_vs04a_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "38B0EAB6-D680-49A9-8566-291D7C07ECEB"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gv_vs04a:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7DBAFCA5-81F9-4A39-8978-FAA5A750D2F8"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gv_vs04h_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A142CF2C-9151-4AA7-9D06-400F56CBE5B8"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gv_vs04h:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C74BC02A-1265-4A48-B7A5-BB449B3ACCA4"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:geovision:gvlx_4_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F102B6E2-FF3F-4A1A-B133-E06567EE6653"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:geovision:gvlx_4:2.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CC0F181D-09E9-43CF-93A5-DA699F4436C5"
},
{
"criteria": "cpe:2.3:h:geovision:gvlx_4:3.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3699699F-80E7-44C8-8564-1448704BCCE0"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]