CVE-2021-47795

GeoVision Geowebserver 5.3.3 - Local FIle Inclusion

CVSS 8.7 HIGHEPSS 0.9%CWE-22

Vexday Risk Score

21Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 8.7EPSS 0.9%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

15 ene 2026Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

GeoVision GeoWebServer 5.3.3 contains multiple vulnerabilities including local file inclusion, cross-site scripting, and remote code execution through improper input sanitization. Attackers can exploit the WebStrings.srf endpoint by manipulating path traversal and injection parameters to access system files and execute malicious scripts.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Productos afectados

Geovision · GeoVision Geowebserver

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.exploit-db.com/exploits/50211 https://www.geovision.com.tw/cyber_security.php https://www.vulncheck.com/advisories/geovision-geowebserver-local-file-inclusion