CVE-2026-12485
Stack Overflow in GV-I/O Box 4E DVRSearch Service

Publication date: 2026-06-24

Last updated on: 2026-06-24

Assigner: 0df08a0e-a200-4957-9bb0-084f562506f9

Description

GV-I/O Box 4E is a smart embedded device with 4 inputs and 4 relay outputs that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox, listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with it. Upon receiving a UDP message, the server reads at most 1460 bytes into a local buffer, and a pointer to the buffer is stored in a global variable.

IP field stack overflow

The following code is vulnerable to an attacker-controlled stack overflow: the copy length comes from the configured IP string, not from the space remaining in reply_buf.

    v3 = strlen(g_network_config->ip_addr);                 /* length of the configured IP string */
    memcpy(&reply_buf[36], g_network_config->ip_addr, v3);  /* unbounded copy into the reply buffer */
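As an added example (not code from the advisory or from GeoVision), the snippet below places the vulnerable copy shape next to a bounds-checked replacement. The reply buffer size (52 bytes), the field width, the struct and all function names are assumptions; the page only gives the offset 36 and the two vulnerable lines. The hardened version derives the field width from the real buffer size, caps the length scan, validates that the string is an IPv4 dotted quad, and refuses to build the reply rather than overflow.

```c
/* Added example (not code from the advisory or from GeoVision): the vulnerable
 * copy shown on the page next to a bounds-checked replacement. The reply buffer
 * size, the field width and all function names are assumptions; the page only
 * gives the offset 36 and the two vulnerable lines. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define REPLY_BUF_SIZE  52u   /* assumed total reply size: 16 bytes after offset 36 */
#define IP_FIELD_OFFSET 36u   /* offset shown on the page */

struct network_config {
    const char *ip_addr;      /* stands in for g_network_config->ip_addr */
};

/* Shape of the vulnerable code: the copy length is whatever strlen() returns,
 * so a string longer than the space after offset 36 runs off the end of reply_buf. */
void build_reply_vulnerable(char *reply_buf, const struct network_config *cfg) {
    size_t v3 = strlen(cfg->ip_addr);
    memcpy(&reply_buf[IP_FIELD_OFFSET], cfg->ip_addr, v3);
}

/* Length of s, scanning at most max bytes, so an unterminated string cannot
 * drive the scan past the field width (own helper, used instead of strnlen). */
static size_t bounded_len(const char *s, size_t max) {
    size_t n = 0;
    while (n < max && s[n] != '\0') n++;
    return n;
}

/* Accept only IPv4 dotted-quad text: four octets of 1-3 digits, each <= 255. */
static int is_dotted_quad(const char *s, size_t n) {
    unsigned octets = 0, value = 0, digits = 0;
    for (size_t i = 0; i < n; i++) {
        char c = s[i];
        if (c >= '0' && c <= '9') {
            value = value * 10 + (unsigned)(c - '0');
            if (++digits > 3 || value > 255) return 0;
        } else if (c == '.') {
            if (digits == 0) return 0;     /* empty octet such as "1..2.3" */
            octets++;
            value = 0;
            digits = 0;
        } else {
            return 0;                      /* anything that is not a digit or a dot */
        }
    }
    return digits > 0 && octets == 3;
}

/* Hardened form: derive the field width from the real buffer size, validate the
 * string, and never copy more than fits with a terminating NUL.
 * Returns the number of bytes copied, or -1 when the reply is not built. */
int build_reply_checked(char *reply_buf, size_t reply_len, const struct network_config *cfg) {
    if (reply_buf == NULL || cfg == NULL || cfg->ip_addr == NULL) return -1;
    if (reply_len <= IP_FIELD_OFFSET) return -1;          /* no room for the field at all */
    size_t field_size = reply_len - IP_FIELD_OFFSET;
    size_t n = bounded_len(cfg->ip_addr, field_size);
    if (n == 0 || n >= field_size) return -1;             /* empty, or no room for the NUL */
    if (!is_dotted_quad(cfg->ip_addr, n)) return -1;      /* not an IPv4 address at all */
    memset(&reply_buf[IP_FIELD_OFFSET], 0, field_size);
    memcpy(&reply_buf[IP_FIELD_OFFSET], cfg->ip_addr, n);
    return (int)n;
}

/* Convenience wrapper: build a reply for one configured string into a
 * correctly sized local buffer and report the checked result. */
int check_ip_field(const char *configured_ip) {
    char reply_buf[REPLY_BUF_SIZE];
    struct network_config cfg = { configured_ip };
    memset(reply_buf, 0, sizeof reply_buf);
    return build_reply_checked(reply_buf, sizeof reply_buf, &cfg);
}

int main(void) {
    /* Constructed sample inputs: a normal address, an over-long string, and two malformed ones. */
    const char *samples[] = {
        "192.168.1.20",
        "192.168.1.20AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
        "256.1.1.1",
        "1.2.3",
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-48s -> %d\n", samples[i], check_ip_field(samples[i]));
    return 0;
}
```

The important design choice is that the copy length is bounded by what the destination can hold, not by what the source happens to contain; the dotted-quad check is a second layer that rejects a corrupted configuration string before it reaches the reply at all. In the real firmware the same pattern applies with whatever the true size of reply_buf is.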
Affected Vendors & Products

Vendor      Product          Version / Range
geovision   gv-i/o_box_4e    2.09
CWE ID    Description
CWE-121   A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Executive Summary

This vulnerability exists in the GV-I/O Box 4E, a smart embedded device controlled over Ethernet and RS-485. The DVRSearch service listens for UDP messages on port 10001 and processes incoming data. The vulnerability is a stack overflow caused by the service copying the device's configured IP address string into a fixed-size stack buffer (at offset 36 of the reply buffer) without checking that it fits. The copy length is taken from strlen() of the IP string rather than from the space remaining in the buffer, so an IP string longer than the field overflows the stack; the advisory describes this overflow as attacker-controlled.

Impact Analysis

This vulnerability has a critical impact with a CVSS base score of 10.0, indicating it is easy to exploit remotely without any privileges or user interaction. An attacker on the same network can send crafted UDP messages to the DVRSearch service, triggering the stack overflow. This can lead to complete compromise of the device, including full control over its operations, data confidentiality, integrity, and availability.

Detection Guidance

This vulnerability involves the DVRSearch service listening on UDP port 10001, which accepts messages that can trigger a stack overflow. Detection can focus on monitoring network traffic for unusual or malformed UDP packets sent to port 10001.

You can use network monitoring tools or commands to capture and analyze UDP traffic on port 10001 to detect potential exploit attempts.

  • Use tcpdump to capture UDP packets on port 10001: tcpdump -i <interface> udp port 10001
  • Use Wireshark to filter and analyze UDP traffic to port 10001 with the filter: udp.port == 10001
  • Check running services and open ports on the device to confirm whether DVRSearch is active: netstat -anu | grep 10001
Mitigation Strategies

Immediate mitigation steps include restricting access to the DVRSearch service on UDP port 10001 to trusted hosts only, since the service otherwise accepts messages from any user on the network.

You should consider implementing network segmentation or firewall rules to block or limit UDP traffic to port 10001 from untrusted sources.

If possible, disable the DVRSearch service or update the device firmware to a version that patches the stack overflow vulnerability.
