CVE-2026-42365 - Vulnerability Analysis
HighCVSS: 8.6Last Updated: May 4, 2026
GeoVision LPC2011/LPC2211 - Authentication Bypass
Published: May 4, 2026Updated: May 4, 2026Remote Exploitable
Overview
GeoVision LPC2011/LPC2211 1.10 contains an authentication bypass caused by guessable session cookies in the Web Interface, letting attackers bypass authentication by bruteforcing session cookies, exploit requires ability to send crafted HTTP requests.
Severity & Score
Severity: High
CVSS Score: 8.6
Impact
Attackers can bypass authentication, gaining unauthorized access to the system.
Mitigation
Update to the latest version or apply vendor patches addressing session cookie security.
References
Related Resources
Details
- CVE ID
- CVE-2026-42365
- Severity
- High
- CVSS Score
- 8.6
- Type
- broken_authentication
- Status
- new
CWE
- CWE-341
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N