CVE-2026-57875
Deferred Deferred - Pending Action

NULL Pointer Dereference in GeoVision GV-LPC2011 and GV-LPC2211

Vulnerability report for CVE-2026-57875, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-26

Last updated on: 2026-06-26

Assigner: 0df08a0e-a200-4957-9bb0-084f562506f9

Description

An unauthenticated NULL pointer dereference vulnerability exists in the HTTP request parsing logic of multiple CGI components in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by improper validation of required HTTP request metadata before it is used by the affected components. A remote attacker may exploit this vulnerability by sending a specially crafted HTTP request, causing the affected process to crash and resulting in a denial of service.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-26
Last Modified
2026-06-26
Generated
2026-07-16
AI Q&A
2026-06-26
EPSS Evaluated
2026-07-15
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
geovision gv-lpc2011 1.12
geovision gv-lpc2211 1.12

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is an unauthenticated NULL pointer dereference in the HTTP request parsing logic of multiple CGI components in GeoVision GV-LPC2011 and GV-LPC2211 version 1.12 and earlier.

It occurs because the affected components do not properly validate required HTTP request metadata before using it.

A remote attacker can exploit this by sending a specially crafted HTTP request that triggers the NULL pointer dereference, causing the affected process to crash.

Detection Guidance

This vulnerability can be detected by monitoring for crashes or denial of service symptoms in the affected GeoVision GV-LPC2011 and GV-LPC2211 devices when they receive malformed HTTP requests. Network intrusion detection systems (NIDS) or web application firewalls (WAF) can be configured to detect specially crafted HTTP requests that target the HTTP request parsing logic of these devices.

Specific commands to detect this vulnerability are not provided in the available information. However, general network monitoring commands such as capturing HTTP traffic with tools like tcpdump or Wireshark and analyzing for unusual or malformed HTTP requests targeting the devices could be useful.

  • Use tcpdump to capture HTTP traffic: tcpdump -i <interface> port 80 or 443 -w capture.pcap
  • Analyze captured traffic with Wireshark to identify suspicious HTTP requests.
  • Monitor device logs for crashes or unexpected restarts indicating exploitation attempts.
Impact Analysis

Exploitation of this vulnerability can cause the affected process to crash, resulting in a denial of service (DoS).

Since the vulnerability is unauthenticated and remotely exploitable, an attacker can cause service disruption without needing any credentials.

Compliance Impact

This vulnerability causes a denial of service by crashing the affected process through a NULL pointer dereference in HTTP request parsing. It does not directly impact confidentiality or integrity of data.

Since the vulnerability does not lead to unauthorized data access or data leakage, its direct effect on compliance with standards like GDPR or HIPAA, which focus on protecting personal and sensitive data, is limited.

However, denial of service conditions can affect availability, which is a component of some compliance frameworks. Organizations relying on the affected devices should consider the risk of service disruption in their compliance and risk management processes.

Mitigation Strategies

Immediate mitigation steps include applying any available firmware or software updates provided by GeoVision for the affected GV-LPC2011 and GV-LPC2211 devices. GeoVision follows a structured vulnerability management process and releases unscheduled updates for critical vulnerabilities such as this one.

If updates are not yet available, consider implementing network-level protections such as blocking or filtering suspicious HTTP requests to the affected devices, restricting access to the devices from untrusted networks, and monitoring for exploitation attempts.

Contact GeoVision support or check their cybersecurity advisories page regularly for patches and detailed mitigation instructions.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-57875. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart