PT-2026-3167 · Geovision · Geowebserver

Published: 2026-01-15 · Updated: 2026-01-16 · CVE-2021-47795

CVSS v3.1: 6.2 (Medium)

Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

GeoVision GeoWebServer version 5.3.3

Description

GeoVision GeoWebServer 5.3.3 has multiple security issues, including local file inclusion, cross-site scripting, and remote code execution. These issues are due to improper input sanitization. An attacker can exploit the WebStrings.srf API endpoint by manipulating path traversal and injection parameters. This allows access to system files and execution of malicious scripts.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Path traversal

Weakness Enumeration

Related Identifiers

CVE-2021-47795

Affected Products

Geowebserver