CVE-2018-7237
N/A
N/A
Summary
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow a remote attacker to delete arbitrary system file due to lack of validation of the /login/bin/set_param to the file name with the value of 'system.delete.sd_file'
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Schneider Electric SE | Pelco Sarix Professional | all firmware versions prior to 3.29.77 | affected |
Weaknesses
- Arbitrary File Delete
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.