CVE-2026-12847
CRITICAL SEVERITYCVSS Score & Metrics
Base Score
10.0 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Description
GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485.
DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with it.
Upon receiving a UDP message, the server reads at most 1460 bytes into a local buffer and a pointer to the buffer is stored in a global variable:
#### Gateway field stack overflow
The following code is vulnerable to a stack overflow that is attacker-controlled:
v7 = strlen(g_network_config->gateway);
memcpy(&reply_buf[216], g_network_config->gateway, v7);
DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with it.
Upon receiving a UDP message, the server reads at most 1460 bytes into a local buffer and a pointer to the buffer is stored in a global variable:
#### Gateway field stack overflow
The following code is vulnerable to a stack overflow that is attacker-controlled:
v7 = strlen(g_network_config->gateway);
memcpy(&reply_buf[216], g_network_config->gateway, v7);
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-121
Source
NVD
Vendor
GeoVision Inc.
Product
GV-I/O Box 4E
Discussion (0)
Add Comment
No comments yet. Be the first!