High severity8.8NVD Advisory· Published Feb 3, 2025· Updated Apr 15, 2026

CVE-2024-56901

Description

A Cross-Site Request Forgery (CSRF) vulnerability in Geovision GV-ASWeb application with the version 6.1.1.0 or less that allows attackers to arbitrarily create Administrator accounts via a crafted GET request method. This vulnerability is used in chain with CVE-2024-56903 for a successful CSRF attack.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000