CVE-2018-7829

HIGH

Pelco Sarix Enhanced Camera/Spectra Enhanced PTZ Camera - Code Inje...

Title source: llm

Description

An Improper Neutralization of Special Elements in Query vulnerability exists in the 1st Gen. Pelco Sarix Enhanced Camera and Spectra Enhanced PTZ Camera which allows an attacker to execute arbitrary system commands.

References (1)

Core 1

Core References

Mitigation, Vendor Advisory x_refsource_misc

https://www.schneider-electric.com/en/download/document/SEVD-2019-045-03/

Scores

CVSS v3 8.8

EPSS 0.0172

EPSS Percentile 74.4%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-943

Status published

Products (50)

schneider-electric/d6220_firmware 2.11

schneider-electric/d6220l_firmware 2.11

schneider-electric/d6230_firmware 2.11

schneider-electric/d6230l_firmware 2.11

schneider-electric/ime119-1ei_firmware < 2.2.3.0

schneider-electric/ime119-1ep_firmware < 2.2.3.0

schneider-electric/ime119-1es_firmware < 2.2.3.0

schneider-electric/ime119-1i_firmware < 2.2.3.0

schneider-electric/ime119-1p_firmware < 2.2.3.0

schneider-electric/ime119-1s_firmware < 2.2.3.0

... and 40 more

Published May 22, 2019

Tracked Since Feb 18, 2026