CVE-2026-7841

Name of the Vulnerable Software and Affected Versions GeoVision GV-ASWeb version 6.2.0

Description An authenticated user with System Setting permissions can execute arbitrary commands on the server. This is possible by sending a crafted HTTP POST request to the 'ASWebCommon.srf' backend endpoint to bypass frontend restrictions within the Notification Settings.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.