CVE-2018-7829

HIGH

Pelco Sarix Enhanced Camera/Spectra Enhanced PTZ Camera - Code Inje...

Title source: llm

Description

An Improper Neutralization of Special Elements in Query vulnerability exists in the 1st Gen. Pelco Sarix Enhanced Camera and Spectra Enhanced PTZ Camera which allows an attacker to execute arbitrary system commands.

References (1)

[Mitigation, Vendor Advisory] https://www.schneider-electric.com/en/download/document/SEVD-2019-045-03/

Scores

CVSS v3 8.8

EPSS 0.0052

EPSS Percentile 67.0%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-943

Status published

Products (50)

schneider-electric/d6220_firmware 2.11

schneider-electric/d6220l_firmware 2.11

schneider-electric/d6230_firmware 2.11

schneider-electric/d6230l_firmware 2.11

schneider-electric/ime119-1ei_firmware < 2.2.3.0

schneider-electric/ime119-1ep_firmware < 2.2.3.0

schneider-electric/ime119-1es_firmware < 2.2.3.0

schneider-electric/ime119-1i_firmware < 2.2.3.0

schneider-electric/ime119-1p_firmware < 2.2.3.0

schneider-electric/ime119-1s_firmware < 2.2.3.0

... and 40 more

Published May 22, 2019

Tracked Since Feb 18, 2026