Lucene search
+L

CVE-2018-7827

🗓️ 22 May 2019 19:33:25Reported by schneiderType 
cve
 cve
🔗 web.nvd.nist.gov👁 88 Views🌐 WEB

A XSS vulnerability in Pelco Sarix Enhanced and Spectra Enhanced PTZ Cameras allows remote attackers to execute arbitrary code

Related
Detection
Affected
Refs
Paths
NVD
[
  {
    "product": "Pelco Sarix Enhanced and Spectra Enhanced, Pelco Sarix Enhanced 1st generation and Spectra Enhanced PTZ",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Pelco Sarix Enhanced and Spectra Enhanced, Pelco Sarix Enhanced 1st generation and Spectra Enhanced PTZ"
      }
    ]
  }
]
ParameterPositionPathDescriptionCWE
usernamerequest body/setup/network/dot1x/updateCSRF/XSS on username parameterCWE-79
hostnamerequest body/setup/network/general/updateCSRF/XSS on gateway, hostname, ip_address, nameservers, http_port, rtsp_port and subnet_mask parameterCWE-79
http_portrequest body/setup/network/general/updateCSRF/XSS on gateway, hostname, ip_address, nameservers, http_port, rtsp_port and subnet_mask parameterCWE-79
rtsp_portrequest body/setup/network/general/updateCSRF/XSS on gateway, hostname, ip_address, nameservers, http_port, rtsp_port and subnet_mask parameterCWE-79
ip_addressrequest body/setup/network/general/updateCSRF/XSS on gateway, hostname, ip_address, nameservers, http_port, rtsp_port and subnet_mask parameterCWE-79
subnet_maskrequest body/setup/network/general/updateCSRF/XSS on gateway, hostname, ip_address, nameservers, http_port, rtsp_port and subnet_mask parameterCWE-79
gatewayrequest body/setup/network/general/updateCSRF/XSS on gateway, hostname, ip_address, nameservers, http_port, rtsp_port and subnet_mask parameterCWE-79
nameserversrequest body/setup/network/general/updateCSRF/XSS on gateway, hostname, ip_address, nameservers, http_port, rtsp_port and subnet_mask parameterCWE-79
versionrequest body/setup/network/snmp/updateCSRF/XSS on version parameter and related SNMP fieldsCWE-79
v2_community_stringrequest body/setup/network/snmp/updateCSRF/XSS on version parameter and related SNMP fieldsCWE-79
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 02:03Current
5.3Medium risk
Vulners AI Score5.3
CVSS 23.5
CVSS 35.4
EPSS0.00818
88