Geovision · Gv-Asweb · CVE-2026-7841
**Name of the Vulnerable Software and Affected Versions**
GeoVision GV-ASWeb version 6.2.0
**Description**
An authenticated user with System Setting permissions can execute arbitrary commands on the server. This is possible by sending a crafted HTTP POST request to the 'ASWebCommon.srf' backend endpoint to bypass frontend restrictions within the Notification Settings.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.