Shodan
Vulnerabilities
Vulnerable Software
Schneider-Electric:  >> Ibp519-1er  Security Vulnerabilities
CVE-2018-7780
In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, a buffer overflow vulnerability exist in cgi program "set".
CVSS Score
9.8
EPSS Score
0.005
Published
2018-07-03
CVE-2018-7781
In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, by sending a specially crafted request an authenticated user can view password in clear text and results in privilege escalation.
CVSS Score
8.8
EPSS Score
0.001
Published
2018-07-03
CVE-2018-7782
In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, authenticated users can view passwords in clear text.
CVSS Score
8.8
EPSS Score
0.002
Published
2018-07-03
CVE-2018-7227
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow retrieving of specially crafted URLs without authentication that can reveal sensitive information to an attacker.
CVSS Score
5.3
EPSS Score
0.002
Published
2018-03-09
CVE-2018-7228
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow an unauthenticated, remote attacker to bypass authentication and get the administrator privileges.
CVSS Score
9.8
EPSS Score
0.007
Published
2018-03-09
CVE-2018-7229
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow an unauthenticated, remote attacker to bypass authentication and gain administrator privileges because the use of hardcoded credentials.
CVSS Score
9.8
EPSS Score
0.005
Published
2018-03-09
CVE-2018-7230
A XML external entity (XXE) vulnerability exists in the import.cgi of the web interface component of the Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67.
CVSS Score
8.8
EPSS Score
0.004
Published
2018-03-09
CVE-2018-7231
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow execution of commands due to lack of validation of the shell meta characters with the value of 'system.opkg.remove'.
CVSS Score
9.8
EPSS Score
0.012
Published
2018-03-09
CVE-2018-7232
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow execution of commands due to lack of validation of the shell meta characters with the value of 'network.ieee8021x.delete_certs'.
CVSS Score
9.8
EPSS Score
0.012
Published
2018-03-09
CVE-2018-7233
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow execution of commands due to lack of validation of the shell meta characters with the value of 'model_name' or 'mac_address'.
CVSS Score
9.8
EPSS Score
0.012
Published
2018-03-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved