exploitDog

GHSA-qjq7-2mhq-r456

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow arbitrary system file download due to lack of validation of SSL certificate.

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow arbitrary system file download due to lack of validation of SSL certificate.

Ссылки

EPSS

Процентиль: 33%

0.00134

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-295

Связанные уязвимости

CVE-2018-7234

CVSS3: 7.5

nvd

почти 8 лет назад

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow arbitrary system file download due to lack of validation of SSL certificate.

EPSS

Процентиль: 33%

0.00134

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-295