CVE-2018-7230

Name of the Vulnerable Software and Affected Versions Pelco Sarix Professional versions prior to 3.29.67

Description A XML external entity (XXE) vulnerability exists in the import.cgi of the web interface component. This issue may allow unauthorized access to sensitive data.

Recommendations For versions prior to 3.29.67, update to version 3.29.67 or later to resolve the issue. As a temporary workaround, consider restricting access to the import.cgi component of the web interface until a patch is applied.