GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerability
Summary
| CVE | CVE-2026-57272 |
|---|---|
| State | PUBLISHED |
| Assigner | GV |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-07-02 04:17:13 UTC |
| Updated | 2026-07-02 13:16:57 UTC |
| Description | GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an add-on that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the web interfaces provided by the GeoVision software and may be necessary for them to function properly. The websocket server accepts various commands coming from localhost. Many of the commands take an `index` value that is then used to access various arrays in order to enter critical sections, perform actions via function calls, etc. However, the `index` value is usually not checked for a valid range, so it can be used to access multiple arrays out of bounds. This record covers the `byPass` command index out-of-bounds case. |
Risk And Classification
Primary CVSS: v3.1 8.3 HIGH from 0df08a0e-a200-4957-9bb0-084f562506f9
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Problem Types: CWE-129 Improper Validation of Array Index
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | 0df08a0e-a200-4957-9bb0-084f562506f9 | Secondary | 8.3 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H |
| 3.1 | CNA | CVSS | 8.3 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H |
CVSS v3.1 Breakdown
| Metric | Value |
|---|---|
| Attack Vector | Network |
| Attack Complexity | High |
| Privileges Required | None |
| User Interaction | Required |
| Scope | Changed |
| Confidentiality | High |
| Integrity | High |
| Availability | High |
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Status | Platforms |
|---|---|---|---|---|---|
| CNA | GeoVision Inc. | GeoWebPlayer | V1.1.1.0 | affected | Windows, 64 bit |
| CNA | GeoVision Inc. | GeoWebPlayer | V1.1.3.0 | unaffected | Windows, 64 bit |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| www.geovision.com.tw/cyber_security.php | 0df08a0e-a200-4957-9bb0-084f562506f9 | www.geovision.com.tw | |
| talosintelligence.com/vulnerability_reports/TALOS-2026-2373 | 0df08a0e-a200-4957-9bb0-084f562506f9 | talosintelligence.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
CNA: Philippe Laulheret of Cisco Talos
CNA: Kelly Patterson of Cisco Talos
CNA: Robert Sherwin of Cisco Talos
Additional Advisory Data
Solutions
CNA: The vulnerability has been patched with GeoWebPlayer V1.1.3.0