GCVE - cpe:2.3:h:geovision:gv-vr360:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:geovision:gv-vr360:-:*:*:*:*:*:*:*

part: h version: - update: *

Vendor	Geovision (`417a3123-680c-5577-a6ff-fdce08f8be70`)
Product	Gv Vr360 (`2e18abef-be26-55a0-bd09-5e8779322d75`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2019-13408`	not_vulnerable	2026-06-03 14:39:37.638162	Advan VD-1 allows users to download arbitrary files A relative path traversal vulnerability found in Advan VD-1 firmware versions up to 230. It allows attackers to download arbitrary files via url cgibin/ExportSettings.cgi?Download=filepath, without any authentication. Published: 2019-08-29T00:18:52.900Z Updated: 2024-09-17T01:26:55.568Z Open on db.gcve.eu Reference links https://gist.github.com/keniver/f5155b42eb278ec0273b83565b64235b#file-androvideo-advan-vd-1-multiple-vulnerabilities-md https://tvn.twcert.org.tw/taiwanvn/TVN-201906009 http://surl.twcert.org.tw/2bvXq	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-13407`	not_vulnerable	2026-06-03 14:39:37.636601	Advan VD-1 has a reflected XSS vulnerability in page cgibin/ssi.cgi A XSS found in Advan VD-1 firmware versions up to 230. VD-1 responses a path error message when a requested resource was not found in page cgibin/ssi.cgi. It leads to a reflected XSS because the error message does not escape properly. Published: 2019-08-29T00:19:39.243Z Updated: 2024-09-16T22:16:10.244Z Open on db.gcve.eu Reference links https://gist.github.com/keniver/f5155b42eb278ec0273b83565b64235b#file-androvideo-advan-vd-1-multiple-vulnerabilities-md https://tvn.twcert.org.tw/taiwanvn/TVN-201906008 http://surl.twcert.org.tw/SpTwh	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-11064`	not_vulnerable	2026-06-03 14:39:25.457248	A vulnerability of remote credential disclosure was discovered in Advan VD-1 A vulnerability of remote credential disclosure was discovered in Advan VD-1 firmware versions up to 230. An attacker can export system configuration which is not encrypted to get the administrator’s account and password in plain text via cgibin/ExportSettings.cgi?Export=1 without any authentication. Published: 2019-08-29T00:19:17.490Z Updated: 2024-09-17T00:36:59.288Z Open on db.gcve.eu Reference links https://tvn.twcert.org.tw/taiwanvn/TVN-201906005 http://surl.twcert.org.tw/gCDQN https://gist.github.com/keniver/f5155b42eb278ec0273b83565b64235b#file-androvideo-advan-vd-1-multiple-vulnerabilities-md	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.