Vulnerability Details CVE-2018-7236
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could enable SSH service due to lack of authentication for /login/bin/set_param could enable SSH service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 48.0%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 5.8
References
Products affected by CVE-2018-7236
-
cpe:2.3:h:schneider-electric:ibp1110-1er:-
-
cpe:2.3:h:schneider-electric:ibp219-1er:-
-
cpe:2.3:h:schneider-electric:ibp319-1er:-
-
cpe:2.3:h:schneider-electric:ibp519-1er:-
-
cpe:2.3:h:schneider-electric:ibps110-1er:-
-
cpe:2.3:h:schneider-electric:imp1110-1:-
-
cpe:2.3:h:schneider-electric:imp1110-1e:-
-
cpe:2.3:h:schneider-electric:imp1110-1er:-
-
cpe:2.3:h:schneider-electric:imp219-1:-
-
cpe:2.3:h:schneider-electric:imp219-1e:-
-
cpe:2.3:h:schneider-electric:imp219-1er:-
-
cpe:2.3:h:schneider-electric:imp319-1:-
-
cpe:2.3:h:schneider-electric:imp319-1e:-
-
cpe:2.3:h:schneider-electric:imp319-1er:-
-
cpe:2.3:h:schneider-electric:imp519-1:-
-
cpe:2.3:h:schneider-electric:imp519-1e:-
-
cpe:2.3:h:schneider-electric:imp519-1er:-
-
cpe:2.3:h:schneider-electric:imps110-1e:-
-
cpe:2.3:h:schneider-electric:imps110-1er:-
-
cpe:2.3:h:schneider-electric:mps110-1:-
-
cpe:2.3:o:schneider-electric:ibp1110-1er_firmware:*
-
cpe:2.3:o:schneider-electric:ibp219-1er_firmware:*
-
cpe:2.3:o:schneider-electric:ibp319-1er_firmware:*
-
cpe:2.3:o:schneider-electric:ibp519-1er_firmware:*
-
cpe:2.3:o:schneider-electric:ibps110-1er_firmware:*
-
cpe:2.3:o:schneider-electric:imp1110-1_firmware:*
-
cpe:2.3:o:schneider-electric:imp1110-1e_firmware:*
-
cpe:2.3:o:schneider-electric:imp1110-1er_firmware:*
-
cpe:2.3:o:schneider-electric:imp219-1_firmware:*
-
cpe:2.3:o:schneider-electric:imp219-1e_firmware:*
-
cpe:2.3:o:schneider-electric:imp219-1er_firmware:*
-
cpe:2.3:o:schneider-electric:imp319-1_firmware:*
-
cpe:2.3:o:schneider-electric:imp319-1e_firmware:*
-
cpe:2.3:o:schneider-electric:imp319-1er_firmware:*
-
cpe:2.3:o:schneider-electric:imp519-1_firmware:*
-
cpe:2.3:o:schneider-electric:imp519-1e_firmware:*
-
cpe:2.3:o:schneider-electric:imp519-1er_firmware:*
-
cpe:2.3:o:schneider-electric:imps110-1e_firmware:*
-
cpe:2.3:o:schneider-electric:imps110-1er_firmware:*
-
cpe:2.3:o:schneider-electric:mps110-1_firmware:*