Schneider Electric Pelco VideoXpert Enterprise 2.0 - Path Traversal

Schneider Electric Pelco VideoXpert Enterprise versions 2.0 and prior contain a directory traversal caused by insufficient input validation, letting unauthorized persons view web server files, exploit requires no authentication. id: CVE-2017-9965 info: name: Schneider Electric Pelco VideoXpert...

CVE-2017-9965

creationtimestamp| type| source ---|---|--- 2025-10-05 10:02:43+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2017/CVE-2017-9965.yaml...

CVE-2017-9965

Schneider Electric Pelco VideoXpert Enterprise 2.0 and earlier are affected by a directory traversal vulnerability (CVE-2017-9965) due to insufficient input validation. An unauthenticated attacker can view web server files via a path traversal attack. The Nuclei template notes no authentication i...

Schneider Electric Pelco VideoXpert Enterprise

CVSS v3 7.1 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Schneider Electric Equipment: Pelco VideoXpert Enterprise Vulnerabilities: Path Traversal, Improper Access Control AFFECTED PRODUCTS Schneider Electric reports that the vulnerabilities affect the following Pelco...

Pelco VideoXpert Multiple Vulnerabilities

Pelco VideoXpert is prone to multiple vulnerabilities: - Directory traversal vulnerability which allows unauthenticated attackers to read arbitrary files in the context of the web server. CVE-2017-9965 - Missing encryption of sensitive information. The software transmits sensitive data using doub...