CVE-2018-7235
N/A
N/A
Summary
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow arbitrary system file download due to lack of validation of the shell meta characters with the value of 'system.download.sd_file'
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Schneider Electric SE | Pelco Sarix Professional | all firmware versions prior to 3.29.75 | affected |
Weaknesses
- Command Execution
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.