XML External Entity (XXE) Vulnerability in Schneider Electric's Pelco Sarix Professional Firmware Versions Prior to 3.29.67
CVE-2018-7230 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
A XML external entity (XXE) vulnerability exists in the import.cgi of the web interface component of the Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67.
Learn more about our Web App Pen Testing.