CVE-2018-7230

Summary

A XML external entity (XXE) vulnerability exists in the import.cgi of the web interface component of the Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67.

Affected Software

VendorProductVersion RangeStatus
Schneider Electric SEPelco Sarix Professionalall firmware versions prior to 3.29.70affected

Weaknesses

  • XML External Entity Processing

ADP Enrichment

CVE Program Container

Additional References

References