3 matches found
CVE-2017-9966
CVE-2017-9966 affects Schneider Electric Pelco VideoXpert Enterprise, version 2.0 and earlier. The issue is an improper limitation of access control: by replacing certain executable files, an attacker can obtain system privileges and have code execute with elevated privileges on the host. CVSS in...
Schneider Electric Pelco VideoXpert Enterprise
CVSS v3 7.1 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Schneider Electric Equipment: Pelco VideoXpert Enterprise Vulnerabilities: Path Traversal, Improper Access Control AFFECTED PRODUCTS Schneider Electric reports that the vulnerabilities affect the following Pelco...
Pelco VideoXpert Multiple Vulnerabilities
Pelco VideoXpert is prone to multiple vulnerabilities: - Directory traversal vulnerability which allows unauthenticated attackers to read arbitrary files in the context of the web server. CVE-2017-9965 - Missing encryption of sensitive information. The software transmits sensitive data using doub...