CVE-2018-7235

moderate-risk
Published 2018-03-09

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow arbitrary system file download, due to lack of validation of shell metacharacters in the value of the 'system.download.sd_file' parameter.
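The weakness class the description names, a request value reaching a shell command without metacharacter validation, is easiest to see beside its fix. The following is an added example written for this page, not Pelco or Schneider Electric firmware code: a hypothetical download handler in Python with the unsafe shell-interpolation pattern next to an allow-list validation and argv execution. The parameter name 'system.download.sd_file' is the one the advisory cites; the serving directory /mnt/sd, the cat command, the request dictionary and the sample file names are assumptions.

```python
import re
import subprocess
from pathlib import Path

# Assumption: the handler serves files from this directory (not taken from the advisory).
SD_ROOT = Path("/mnt/sd")

# The parameter name is the one the advisory cites; the request dict below is constructed.
PARAM = "system.download.sd_file"


def build_vulnerable_command(sd_file: str) -> str:
    """Unsafe pattern: the untrusted value is spliced into a shell command line.

    Run with shell=True, metacharacters (';', '|', '&', '`', '$(...)') are
    interpreted by /bin/sh, so "x; cat /etc/passwd" executes a second command.
    Shown only for contrast; the hardened path below never builds such a string.
    """
    return f"cat {SD_ROOT}/{sd_file}"


# Allow-list: a plain file name, no path separators, no whitespace, no shell metacharacters.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,63}")


def validate_sd_file(sd_file: str) -> Path:
    """Return the confined path for a download request, or raise ValueError.

    Two independent checks: the name must match the allow-list (which rules out
    '/', whitespace and every shell metacharacter), and the resolved path must
    still sit under SD_ROOT (defence in depth against anything the regex misses).
    """
    if not SAFE_NAME.fullmatch(sd_file):
        raise ValueError(f"rejected sd_file value: {sd_file!r}")
    candidate = (SD_ROOT / sd_file).resolve()
    if SD_ROOT.resolve() not in candidate.parents:
        raise ValueError(f"path escapes {SD_ROOT}: {candidate}")
    return candidate


def is_accepted(sd_file: str) -> bool:
    """Convenience predicate: True when validate_sd_file would accept the value."""
    try:
        validate_sd_file(sd_file)
    except ValueError:
        return False
    return True


def build_safe_argv(sd_file: str) -> list[str]:
    """Hardened form: validate, then pass an argv list so no shell ever parses it."""
    return ["cat", str(validate_sd_file(sd_file))]


def handle_download(request: dict[str, str]) -> tuple[int, bytes]:
    """Hypothetical handler returning (status, body) for a constructed request dict."""
    try:
        argv = build_safe_argv(request.get(PARAM, ""))
    except ValueError as exc:
        return 400, str(exc).encode()
    # shell=False is the default: argv elements are passed to execve, never re-parsed by /bin/sh.
    proc = subprocess.run(argv, capture_output=True, check=False)
    if proc.returncode != 0:
        return 404, proc.stderr
    return 200, proc.stdout


if __name__ == "__main__":
    injected = "x; cat /etc/passwd"
    print("vulnerable command line:", build_vulnerable_command(injected))
    for value in ("clip01.mp4", injected, "../../etc/passwd", "$(id)", "a|b"):
        try:
            print(value, "->", build_safe_argv(value))
        except ValueError as exc:
            print(value, "-> rejected:", exc)
```

The allow-list is deliberately narrow (letters, digits, dot, underscore, hyphen, no leading dot); a product that needs subdirectories should validate each path component the same way rather than loosening the regex to admit '/'. Quoting with shlex.quote is a weaker fallback for code that cannot drop shell=True, because it protects only the one interpolation point and nothing the command does with the value afterwards.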

Do I need to act?

EPSS score: 0.29% chance of exploitation (low exploit probability)
CISA KEV: not listed; no confirmed active exploitation reported to CISA
Patch status: unknown; check vendor advisories for fix availability and mitigation guidance
CVSS: 7.5/10 (High); attack vector Network, attack complexity Low

Affected Products (20)

Mps110-1 Firmware
Imps110-1Er Firmware
Ibps110-1Er Firmware
Imp1110-1 Firmware
Imp1110-1E Firmware
Imp1110-1Er Firmware
Ibp1110-1Er Firmware
Imp219-1 Firmware
Imp219-1E Firmware
Imp219-1Er Firmware
Ibp219-1Er Firmware
Imp319-1 Firmware
Imp319-1E Firmware
Ibp319-1Er Firmware
Imp519-1 Firmware
Imp319-1Er Firmware
Imp519-1E Firmware
Imp519-1Er Firmware
Ibp519-1Er Firmware
Imps110-1E Firmware

Affected Vendors

Schneider Electric (Pelco)

Risk score: 47 / 100, moderate-risk
Severity 26/34 · High
Exploitability 1/34 · Minimal
Exposure 20/34 · Moderate