{"uuid": "86994970-1839-448b-81f2-5fc83a91a9bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-12850", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116804971963043616", "content": "CVE-2026-12850: CRITICAL OS command injection in GeoVision GV-I/O Box 4E v2.09 via libNetSetObj.so allows remote code execution. No patch \u2014 restrict access to DVRSearch & Network.cgi. Details: https://radar.offseq.com/threat/cve-2026-12850-cwe-78-improper-neutralization-of-s-4e66118ac7829bb3 #OffSeq #ICS #infosec #vulnerability", "creation_timestamp": "2026-06-24T12:00:30.601342Z"}