Lucene search
K

22 matches found

CNVD
CNVD
added 2019/05/24 12:0 a.m.4 views

Schneider Electric 1st Gen. Pelco Sarix Enhanced Camera and Spectra Enhanced PTZ Camera Cross-Site Request Forgery Vulnerability

Schneider Electric 1st Gen Pelco Sarix Enhanced Camera and Schneider Electric Spectra Enhanced PTZ Camera are products of Schneider Electric, France. The Schneider Electric 1st Gen Pelco Sarix Enhanced Camera is a series of fixed IP cameras and the Schneider Electric Spectra Enhanced PTZ Camera i...

8.8CVSS6.9AI score0.00572EPSS
Exploits0References1
CNVD
CNVD
added 2019/05/24 12:0 a.m.2 views

Schneider Electric 1st Gen Pelco Sarix Enhanced Camera Permission License and Access Control Issues Vulnerability

The Schneider Electric 1st Gen Pelco Sarix Enhanced Camera is a series of fixed IP cameras from Schneider Electric France. A vulnerability exists in the web-based GUI in the Schneider Electric 1st Gen Pelco Sarix Enhanced Camera with privilege permission and access control issues. The vulnerabili...

6.5CVSS6.8AI score0.01263EPSS
Exploits0References1
CNVD
CNVD
added 2019/05/24 12:0 a.m.2 views

Schneider Electric 1st Gen. Pelco Sarix Enhanced Camera and Spectra Enhanced PTZ Camera Arbitrary OS Command Execution Vulnerability

Schneider Electric 1st Gen Pelco Sarix Enhanced Camera and Schneider Electric Spectra Enhanced PTZ Camera are products of Schneider Electric, France. The Schneider Electric 1st Gen Pelco Sarix Enhanced Camera is a series of fixed IP cameras and the Schneider Electric Spectra Enhanced PTZ Camera i...

9CVSS7.3AI score0.01721EPSS
Exploits1References1
NVD
NVD
added 2019/05/22 8:29 p.m.23 views

CVE-2018-7827

A Cross-Site Scripting XSS vulnerability exists in the 1st Gen. Pelco Sarix Enhanced Camera and Spectra Enhanced PTZ Camera which a remote attacker can execute arbitrary HTML and script code in a user’s browser session...

5.4CVSS5.3AI score0.00818EPSS
Exploits1References1
CVE
CVE
added 2019/05/22 7:33 p.m.85 views

CVE-2018-7827

CVE-2018-7827 is a publicly documented Cross-Site Scripting (XSS) vulnerability in Schneider Electric 1st Gen Pelco Sarix Enhanced Cameras and Spectra Enhanced PTZ Cameras. Multiple connected sources (NVD, Red Hat, CNVD, CVE listing) describe an XSS that allows a remote attacker to cause arbitrar...

5.4CVSS5.3AI score0.00818EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/05/22 7:33 p.m.60 views

CVE-2018-7826

The CVE-2018-7826 entry concerns a Command Injection vulnerability in the web-based GUI of the Schneider Electric 1st Gen Pelco Sarix Enhanced Camera . Connected sources describe the root cause as insufficient input validation during construction of executable commands in the web interface, enabl...

8.8CVSS8.9AI score0.0221EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/03/06 12:0 a.m.4 views

The vulnerability of the web interface of the microprogramming software for Pelco cameras, models Sarix Enhanced and Spectra Enhanced, allows a intruder to execute any JavaScript code in the user’s browser.

The vulnerability of the web interfaces of Pelco Sarix Enhanced and Spectra Enhanced microprogramming systems lies in the insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code in the user’s browser...

8.8CVSS6.3AI score0.00818EPSS
Exploits1References1Affected Software59
BDU FSTEC
BDU FSTEC
added 2019/03/06 12:0 a.m.3 views

The vulnerability of the web interface of Pelco Sarix Enhanced camera software allows a intruder to delete any file they desire.

The vulnerability of the WEB interface of Pelco Sarix Enhanced camera software systems is related to errors in access control management. Exploiting this vulnerability could allow a remote attacker to delete any file they desire...

8CVSS6.6AI score0.01263EPSS
Exploits0References2Affected Software55
BDU FSTEC
BDU FSTEC
added 2019/03/06 12:0 a.m.16 views

The vulnerability of the WEB interface of the microprogramming software for Pelco Sarix Enhanced cameras allows a intruder to execute arbitrary commands.

The vulnerability of the WEB interface of Pelco Sarix Enhanced camera software systems is related to insufficient verification of input data. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary commands through the WEB interface...

9CVSS8AI score0.0221EPSS
Exploits0References2Affected Software55
BDU FSTEC
BDU FSTEC
added 2019/03/06 12:0 a.m.5 views

The vulnerability of the microprogrammed software of Pelco Sarix Enhanced and Spectra Enhanced cameras, related to insufficient neutralization of specific elements in the request, allows a intruder to execute arbitrary system commands.

The vulnerability of the microprogrammed software in Pelco Sarix Enhanced and Spectra Enhanced cameras is related to the insufficient neutralization of specific elements in the request. Exploiting this vulnerability can allow a intruder to execute arbitrary system commands...

9CVSS7.9AI score0.01721EPSS
Exploits1References1Affected Software59
BDU FSTEC
BDU FSTEC
added 2019/03/06 12:0 a.m.6 views

The vulnerability of the microprogramming software used in Pelco Sarix Enhanced and Spectra Enhanced cameras arises from insufficient verification of the authenticity of the requests being sent. This allows intruders to gain access to the camera’s interface.

The vulnerability of the microprogramming software used in Pelco Sarix Enhanced and Spectra Enhanced cameras is related to insufficient verification of the authenticity of the requests being sent. Exploiting this vulnerability can allow a intruder to gain access to the camera through a specially...

9CVSS7.6AI score0.00572EPSS
Exploits0References2Affected Software59
seebug.org
seebug.org
added 2017/12/08 12:0 a.m.40 views

Schneider Electric Pelco Sarix/Spectra Cameras Root Remote Code Execution

Summary Pelco offers the broadest selection of IP cameras designed for security surveillance in a wide variety of commercial and industrial settings. From our industry-leading fixed and high-speed IP cameras to panoramic, thermal imaging, explosionproof and more, we offer a camera for any...

8AI score
Exploits0
seebug.org
seebug.org
added 2017/12/08 12:0 a.m.43 views

Schneider Electric Pelco Sarix/Spectra Cameras CSRF Enable SSH Root Access

Summary Pelco offers the broadest selection of IP cameras designed for security surveillance in a wide variety of commercial and industrial settings. From our industry-leading fixed and high-speed IP cameras to panoramic, thermal imaging, explosionproof and more, we offer a camera for any...

6.8AI score
Exploits0
seebug.org
seebug.org
added 2017/12/08 12:0 a.m.52 views

Schneider Electric Pelco Sarix/Spectra Cameras Multiple XSS Vulnerabilities

Summary Pelco offers the broadest selection of IP cameras designed for security surveillance in a wide variety of commercial and industrial settings. From our industry-leading fixed and high-speed IP cameras to panoramic, thermal imaging, explosionproof and more, we offer a camera for any...

7AI score
Exploits0
CNVD
CNVD
added 2017/11/24 12:0 a.m.4 views

Command Execution Vulnerability in the pelco Sarix Enhanced Dot1xSetupController.php File

pelco Sarix Enhanced is a webcam. A command execution vulnerability exists in the pelco Sarix Enhanced Dot1xSetupController.php file. The vulnerability is caused due to the program failing to properly perform validity checks when processing user-submitted data, allowing an attacker who has been...

7.8AI score
Exploits0
CNVD
CNVD
added 2017/11/24 12:0 a.m.1 views

Command Execution Vulnerability in the pelco Sarix Enhanced GeneralSetupController.php File

pelco Sarix Enhanced is a webcam. A command execution vulnerability exists in the pelco Sarix Enhanced GeneralSetupController.php file. The vulnerability is caused due to the program failing to properly perform validity checks when processing user-submitted data, which allows an attacker...

7.8AI score
Exploits0
CNVD
CNVD
added 2017/11/24 12:0 a.m.4 views

Arbitrary File Deletion Vulnerability in the Pelco Sarix Enhanced GeneralSetupController.php File

pelco Sarix Enhanced is a webcam. An arbitrary file deletion vulnerability exists in the pelco Sarix Enhanced GeneralSetupController.php file. The vulnerability is due to the program failing to properly check for uploaded files when processing them, an attacker can delete arbitrary files in the...

6.9AI score
Exploits0
0day.today
0day.today
added 2017/07/11 12:0 a.m.51 views

Schneider Electric Pelco Sarix/Spectra Cameras CSRF Enable SSH Root Access Vulnerability

Pelco IP cameras suffer from a cross site request forgery vulnerability. The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileg...

6.9AI score
Exploits0
exploitpack
exploitpack
added 2017/07/10 12:0 a.m.38 views

Pelco SarixSpectra Cameras - Cross-Site Request Forgery (Enable SSH Root Access)

Pelco SarixSpectra Cameras - Cross-Site Request Forgery Enable SSH Root Access Schneider Electric Pelco Sarix/Spectra Cameras CSRF Enable SSH Root Access Vendor: Schneider Electric SE Product web page: https://www.pelco.com Affected version: Sarix Enhanced - Model: IME219 Firmware:...

0.4AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2017/07/10 12:0 a.m.199 views

Schneider Electric Pelco Sarix/Spectra Cameras CSRF Enable SSH Root Access

Summary Pelco offers the broadest selection of IP cameras designed for security surveillance in a wide variety of commercial and industrial settings. From our industry-leading fixed and high-speed IP cameras to panoramic, thermal imaging, explosionproof and more, we offer a camera for any...

5.8AI score
Exploits0
Rows per page
Query Builder