CVE-2026-57873
Received Received - Intake
NULL Pointer Dereference in GeoVision GV-LPC2011 and GV-LPC2211

Publication date: 2026-06-26

Last updated on: 2026-06-26

Assigner: 0df08a0e-a200-4957-9bb0-084f562506f9

Description
An unauthenticated NULL pointer dereference vulnerability exists in IEEE8021x_upload.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by improper validation of multipart upload headers when processing certificate-related upload fields. A remote attacker may exploit this vulnerability by sending a malformed multipart request, causing the affected CGI process to crash and resulting in a denial of service.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-26
Last Modified
2026-06-26
Generated
2026-06-26
AI Q&A
2026-06-26
EPSS Evaluated
N/A
NVD
CVE-2026-57873
EUVD
EUVD-2026-39629
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
geovision gv-lpc2011 to 1.12 (exc)
geovision gv-lpc2211 to 1.12 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an unauthenticated NULL pointer dereference in the IEEE8021x_upload.cgi component of GeoVision GV-LPC2011 and GV-LPC2211 devices running version 1.12 or earlier.

It occurs because the software improperly validates multipart upload headers when processing certificate-related upload fields.

A remote attacker can exploit this by sending a malformed multipart request, which causes the CGI process to crash.

This crash results in a denial of service condition.

Impact Analysis

The primary impact of this vulnerability is a denial of service (DoS) condition.

An attacker can remotely cause the affected CGI process to crash, potentially disrupting the normal operation of the GeoVision device.

Since the vulnerability does not affect confidentiality or integrity, the impact is limited to availability.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-57873. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart