2 matches found
CVE-2018-7234
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow arbitrary system file download due to lack of validation of SSL certificate...
CVE-2018-7234
Schneider Electric Pelco Sarix Professional devices running firmware older than 3.29.67 are affected by an arbitrary system file download vulnerability. The issue arises from insufficient validation in SSL/TLS handling, enabling an attacker to download arbitrary files via the /cgi-bin/ssldownload...