2 matches found
CVE-2018-7235
Schneider Electric Pelco Sarix Professional devices running firmware before 3.29.67 are vulnerable to arbitrary system file download caused by lack of validation of shell metacharacters in the system.download.sd_file parameter. Exploitation is network-vector with high impact (CVE-2018-7235; CVSS ...
CVE-2018-7235
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow arbitrary system file download due to lack of validation of the shell meta characters with the value of 'system.download.sdfile'...