Digital Sentry Server Security Vulnerabilities and Issues — Digital Sentry Server CVE List

Lucene search

PelcoDigital Sentry Server

3 matches found

CVE•added 2021/02/11 6:15 p.m.•34 views

CVE-2021-27184

Pelco Digital Sentry Server 7.18.72.11464 has an XML External Entity vulnerability (exploitable via the DTD parameter entities technique), resulting in disclosure and retrieval of arbitrary data on the affected node via an out-of-band (OOB) attack. The vulnerability is triggered when input passed t...

7.5CVSS7.4AI score0.00319EPSS

CVE•added 2021/02/12 4:15 p.m.•30 views

CVE-2021-27197

DSUtility.dll in Pelco Digital Sentry Server before 7.19.67 has an arbitrary file write vulnerability. The AppendToTextFile method doesn't check if it's being called from the application or from a malicious user. The vulnerability is triggered when a remote attacker crafts an HTML page (e.g., with ...

8.8CVSS7.9AI score0.00295EPSS

CVE•added 2021/02/16 3:15 p.m.•28 views

CVE-2021-27232

The RTSPLive555.dll ActiveX control in Pelco Digital Sentry Server 7.18.72.11464 has a SetCameraConnectionParameter stack-based buffer overflow. This can be exploited by a remote attacker to potentially execute arbitrary attacker-supplied code. The victim would have to visit a malicious webpage usi...

8.8CVSS8.8AI score0.0067EPSS