A vulnerability marked as critical has been reported in GeoVision GV-LPC2011 and LPC2211 up to 1.10 . Affected is an unknown function of the file DdnsSetting.cgi of the component DDNS Handler . This manipulation causes os command injection. This vulnerability is handled as CVE-2026-42364 . The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.