CVE-2024-6047 — AI Deep Analysis Summary

🚨 **Essence**: Remote Command Injection in GeoVision EOL devices. <br>💥 **Consequences**: Attackers can inject arbitrary OS commands. Total device compromise is possible.…

🛡️ **Root Cause**: **CWE-78** (OS Command Injection). <br>🔍 **Flaw**: Failure to properly filter user input. Malicious data is executed as system commands without sanitization.

🏢 **Vendor**: GeoVision. <br>📦 **Product**: GV_DSP_LPR_V2. <br>📉 **Status**: End of Life (EOL) series. Specific versions not listed, but EOL status is key.

👑 **Privileges**: Remote attackers gain full control. <br>📂 **Data**: High impact on data (C:H). <br>⚙️ **Action**: Execute *any* system command. No restrictions mentioned.

🔓 **Threshold**: **LOW**. <br>🌐 **Access**: Network accessible (AV:N). <br>🔑 **Auth**: None required (PR:N). <br>👀 **UI**: No user interaction needed (UI:N). Easy to exploit remotely.

📜 **Public Exp?**: **No**. <br>📂 **PoCs**: Empty list in data. <br>⚠️ **Risk**: Despite no public PoC, CVSS score is 9.8 (Critical). High risk of zero-day or private exploitation.

🔍 **Self-Check**: Scan for **GeoVision** devices. <br>🏷️ **Target**: Look for **GV_DSP_LPR_V2** product signature. <br>📡 **Test**: Test input fields for command injection responses (e.g., `; ls`, `| id`).

🩹 **Official Fix**: **Unknown/Not Provided**. <br>⏳ **Status**: Product is **EOL** (End of Life). Patches are unlikely or unavailable. Check vendor archives only.

🛑 **Workaround**: **Network Isolation**. <br>🚫 **Action**: Block external access to these devices. <br>🔒 **Strategy**: Move to internal VLAN. Use strict firewall rules. No software patch exists.

🔥 **Urgency**: **CRITICAL**. <br>📊 **CVSS**: 9.8 (Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). <br>⚡ **Priority**: Immediate mitigation required due to EOL status and high exploitability.