Vulnerability Description
GeoVision GeoWebServer 5.3.3 contains multiple vulnerabilities including local file inclusion, cross-site scripting, and remote code execution through improper input sanitization. Attackers can exploit the WebStrings.srf endpoint by manipulating path traversal and injection parameters to access system files and execute malicious scripts.
CVSS Score
MEDIUM
Related Weaknesses (CWE)
References
- https://www.exploit-db.com/exploits/50211
- https://www.geovision.com.tw/cyber_security.php
- https://www.vulncheck.com/advisories/geovision-geowebserver-local-file-inclusion
FAQ
What is CVE-2021-47795?
CVE-2021-47795 is a vulnerability with a CVSS score of 6.2 (MEDIUM). GeoVision GeoWebServer 5.3.3 contains multiple vulnerabilities including local file inclusion, cross-site scripting, and remote code execution through improper input sanitization. Attackers can exploi...
How severe is CVE-2021-47795?
CVE-2021-47795 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-47795?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.