A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow a remote attacker to delete arbitrary system file due to lack of validation of the /login/bin/set_param to the file name with the value of 'system.delete.sd_file'
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: schneider

Published: 2018-03-09T23:00:00Z

Updated: 2024-09-16T23:00:39.249Z

Reserved: 2018-02-19T00:00:00

Link: CVE-2018-7237

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-03-09T23:29:00.873

Modified: 2024-11-21T04:11:50.997

Link: CVE-2018-7237

cve-icon Redhat

No data.