CVE-2026-1241

Pelco Sarix Professional 3 Series IP Cameras expose an authentication bypass via their web management interface. The CVE notes insufficient enforcement of access controls, enabling some functionality to be accessed without authentication and potentially allowing unauthorized viewing of live video...

Pelco, Inc. Sarix Pro 3 Series IP Cameras

RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to gain unauthorized access to sensitive device data, bypass surveillance controls, and expose facilities to privacy breaches, operational risks, and regulatory compliance issues. 2. RECOMMENDED PRACTICES CISA...

Schneider Pelco Sarix Pro camera fastjpeg has unauthorized access vulnerability

Pelco Sarix Pro is a video surveillance device from Schneider Electric France. An unauthorized access vulnerability exists in the Schneider Pelco Sarix Pro camera fastjpeg, which stems from the lack of privilege checks on the fastjpeg interface, and can be exploited by an attacker to gain...

Unauthorized access vulnerability in snap.cgi of Schneider Pelco Sarix Pro camera

Pelco Sarix Pro is a video surveillance device from Schneider Electric France. An unauthorized access vulnerability exists in the snap.cgi of the Schneider Pelco Sarix Pro camera. The vulnerability stems from the lack of privilege checks on the snap.cgi interface, which can be exploited by an...

Command Injection Vulnerability in Schneider Pelco Sarix Pro camera set program network.ieee8021x.delete_certs

Pelco Sarix Pro is a video surveillance device from Schneider Electric France. A command injection vulnerability exists in the Schneider Pelco Sarix Pro camera set program network.ieee8021x.deletecerts, which can be exploited by an attacker to execute arbitrary commands in the background via an...

Command Injection Vulnerability in Schneider Pelco Sarix Pro Camera set Program system.download.sd_file

Pelco Sarix Pro is a video surveillance device from Schneider Electric France. A command injection vulnerability exists in the Schneider Pelco Sarix Pro camera set program system.download.sdfile, which can be exploited by an attacker to execute arbitrary commands in the background via an http...

Command Injection Vulnerability in Schneider Pelco Sarix Pro Camera set Program system.opkg.remove

Pelco Sarix Pro is a video surveillance device from Schneider Electric France. A command injection vulnerability exists in the Schneider Pelco Sarix Pro camera set program system.opkg.remove, which can be exploited by an attacker to execute arbitrary commands in the background via an http request...

Arbitrary file deletion vulnerability in Schneider Pelco Sarix Pro camera set program system.delete.sd_file

Pelco Sarix Pro is a video surveillance device from Schneider Electric France. An arbitrary file deletion vulnerability exists in the Schneider Pelco Sarix Pro camera set program system.delete.sdfile, which can be exploited by an attacker to delete arbitrary system files via an http request...

Schneider Pelco Sarix Pro camera snapshot.cgi has an unauthorized access vulnerability

Pelco Sarix Pro is a video surveillance device from Schneider Electric France. An unauthorized access vulnerability exists in the snapshot.cgi of the Schneider Pelco Sarix Pro camera. The vulnerability stems from the lack of privilege checks on the snapshot.cgi interface, which can be exploited b...

CVE-2018-7781

In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, by sending a specially crafted request an authenticated user can view password in clear text and results in privilege escalation...

CVE-2018-7237

Summary: The vulnerability CVE-2018-7237 affects Schneider Electric’s Pelco Sarix Professional cameras. In firmware versions prior to 3.29.67, an attacker could remotely trigger deletion of arbitrary system files due to lack of validation of the /login/bin/set_param parameter value for system.del...

Information Disclosure Vulnerability in Pelco Sarix Pro Network Camera

pelco Sarix Professional is a video camera. An information disclosure vulnerability exists in the pelco Sarix Pro network camera. The vulnerability allows attackers to obtain sensitive information...

Pelco Sarix Pro Network Camera WEB Management Interface Login Bypass Vulnerability

pelco Sarix Professional is a video camera. A login bypass vulnerability exists in the WEB management interface of the pelco Sarix Pro network camera. This allows an attacker to bypass password authentication and log in to the WEB management interface directly as an administrator...

Weak Password Vulnerability in WEB Management Interface of Pelco Sarix Pro Network Camera

pelco Sarix Professional is a video camera. A weak password vulnerability exists in the WEB management interface of the pelco Sarix Pro network camera. An attacker can obtain a hidden administrative account and use this account to perform any background operation, gain administrative privileges,...

XML Entity Injection Vulnerability in Pelco Sarix Pro Webcam import.cgi

pelco Sarix Professional is a video camera. An XML entity injection vulnerability in import.cgi in the pelco Sarix Pro webcam allows attackers to exploit the vulnerability to obtain sensitive information...

Command Execution Vulnerability in the set_param Program of the Pelco Sarix Pro Network Camera

pelco Sarix Professional is a video camera. A command execution vulnerability exists in the pelco Sarix Pro network camera setparam program. The vulnerability is caused due to the program not performing security checks on user-submitted parameters, allowing an attack to take full control of the...

Command execution vulnerability in the pelco Sarix Pro network camera set_param program (CNVD-2017-36494)

pelco Sarix Professional is a video camera. A command execution vulnerability exists in the pelco Sarix Pro network camera setparam program. The vulnerability is caused due to the program not performing security checks on user-submitted parameters, allowing an attack to take full control of the...

Command execution vulnerability in the pelco Sarix Pro network camera set_param program (CNVD-2017-36493)

pelco Sarix Professional is a video camera. A command execution vulnerability exists in the pelco Sarix Pro network camera setparam program. The vulnerability is caused due to the program not performing security checks on user-submitted parameters, allowing an attack to take full control of the...

Arbitrary File Download Vulnerability in the Pelco Sarix Pro Webcam ssldownload.cgi Program

pelco Sarix Professional is a video camera. An arbitrary file download vulnerability exists in the pelco Sarix Pro network camera ssldownload.cgi program. The vulnerability is caused due to the program failing to properly check the path and name of the downloaded file, allowing an attacker to...

Command Execution Vulnerability in the Pelco Sarix Pro Network Camera export.cgi Program

pelco Sarix Professional is a video camera. A command execution vulnerability exists in the pelco Sarix Pro network camera export.cgi program. The vulnerability is caused due to the program failing to perform a security check on data when executing system commands, allowing an attacker to take fu...