CVE-2026-7371: CWE-79 Improper neutralization of input during web page generation ('cross-site scripting') in GeoVision Inc. GV-LPC2011/LPC2211
CVE-2026-7371 is a high-severity reflected cross-site scripting (XSS) vulnerability in the web interface of GeoVision Inc. 's GV-LPC2011/LPC2211 version 1.10. The vulnerability exists in the ssi.cgi functionality, where a specially crafted URL can cause arbitrary JavaScript code execution via the error message triggered by requesting a non-existing page. This vulnerability requires user interaction and network access to the affected device. No official patch or remediation guidance is currently available from the vendor.
AI Analysis
Technical Summary
This vulnerability involves multiple reflected XSS issues in the ssi.cgi component of GeoVision GV-LPC2011/LPC2211 firmware version 1.10. An attacker can craft a malicious URL that, when visited by a user, causes the web interface to reflect the input unsafely in an error message, enabling execution of arbitrary JavaScript code in the victim's browser context. The CVSS 3.1 base score is 7.4, indicating high severity, with network attack vector, low attack complexity, no privileges required, user interaction needed, scope changed, and high confidentiality impact but no integrity or availability impact. There is no known exploit in the wild and no vendor-provided patch or mitigation at this time.
Potential Impact
Successful exploitation allows an attacker to execute arbitrary JavaScript code in the context of the affected device's web interface for users who visit a maliciously crafted URL. This can lead to theft of sensitive information accessible via the browser session, such as authentication tokens or other confidential data. The vulnerability does not impact system integrity or availability directly. The attack requires user interaction and network access to the device's web interface.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should avoid accessing untrusted URLs that interact with the affected device's web interface. Network-level protections such as web application firewalls might help reduce exposure. Monitor vendor communications for updates on patches or official mitigations.
CVE-2026-7371: CWE-79 Improper neutralization of input during web page generation ('cross-site scripting') in GeoVision Inc. GV-LPC2011/LPC2211
Description
CVE-2026-7371 is a high-severity reflected cross-site scripting (XSS) vulnerability in the web interface of GeoVision Inc. 's GV-LPC2011/LPC2211 version 1.10. The vulnerability exists in the ssi.cgi functionality, where a specially crafted URL can cause arbitrary JavaScript code execution via the error message triggered by requesting a non-existing page. This vulnerability requires user interaction and network access to the affected device. No official patch or remediation guidance is currently available from the vendor.
CVSS v3.1
Score 7.4high
Affected software
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability involves multiple reflected XSS issues in the ssi.cgi component of GeoVision GV-LPC2011/LPC2211 firmware version 1.10. An attacker can craft a malicious URL that, when visited by a user, causes the web interface to reflect the input unsafely in an error message, enabling execution of arbitrary JavaScript code in the victim's browser context. The CVSS 3.1 base score is 7.4, indicating high severity, with network attack vector, low attack complexity, no privileges required, user interaction needed, scope changed, and high confidentiality impact but no integrity or availability impact. There is no known exploit in the wild and no vendor-provided patch or mitigation at this time.
Potential Impact
Successful exploitation allows an attacker to execute arbitrary JavaScript code in the context of the affected device's web interface for users who visit a maliciously crafted URL. This can lead to theft of sensitive information accessible via the browser session, such as authentication tokens or other confidential data. The vulnerability does not impact system integrity or availability directly. The attack requires user interaction and network access to the device's web interface.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should avoid accessing untrusted URLs that interact with the affected device's web interface. Network-level protections such as web application firewalls might help reduce exposure. Monitor vendor communications for updates on patches or official mitigations.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GV
- Date Reserved
- 2026-04-28T22:53:06.123Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69f7f4d3cbff5d86108d8356
Added to database: 5/4/2026, 1:22:27 AM
Last enriched: 5/11/2026, 2:21:25 AM
Last updated: 6/18/2026, 7:22:17 AM
Views: 85
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.