CVE-2017-9964

A Path Traversal issue was discovered in Schneider Electric Pelco VideoXpert Enterprise all versions prior to 2.1. By sniffing communications, an unauthorized person can execute a directory traversal attack resulting in authentication bypass or session hijack...

CVE-2017-9964

CVE-2017-9964 affects Schneider Electric Pelco VideoXpert Enterprise (all versions before 2.1). It is a path traversal flaw that, by sniffing communications, allows an unauthorized attacker to perform directory traversal, potentially causing authentication bypass or session hijack. Documents cons...

Schneider Electric Pelco VideoXpert Enterprise

CVSS v3 7.1 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Schneider Electric Equipment: Pelco VideoXpert Enterprise Vulnerabilities: Path Traversal, Improper Access Control AFFECTED PRODUCTS Schneider Electric reports that the vulnerabilities affect the following Pelco...

Pelco VideoXpert Multiple Vulnerabilities

Pelco VideoXpert is prone to multiple vulnerabilities: - Directory traversal vulnerability which allows unauthenticated attackers to read arbitrary files in the context of the web server. CVE-2017-9965 - Missing encryption of sensitive information. The software transmits sensitive data using doub...