PT-2019-1487 · Pelco · Pelco Sarix Enhanced Camera

Publicado

2019-02-14

Atualizado

2019-05-28

CVE-2018-7826

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Pelco Sarix Enhanced Camera (affected versions not specified)

Description A Command Injection issue exists in the web-based GUI of the Pelco Sarix Enhanced Camera, potentially allowing a remote attacker to execute arbitrary commands. The vulnerability is related to insufficient input validation in the camera's firmware, which could be exploited by a remote attacker to execute commands through the web interface.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Command Injection

Special Elements Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-77CWE-74

Identificadores relacionados

BDU:2019-00896

CVE-2018-7826

Produtos afetados

Pelco Sarix Enhanced Camera

PT-2019-1487 · Pelco · Pelco Sarix Enhanced Camera

CVE-2018-7826

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4