XML External Entity (XXE) Vulnerability in Schneider Electric's Pelco Sarix Professional Firmware Versions Prior to 3.29.67

XML External Entity (XXE) Vulnerability in Schneider Electric's Pelco Sarix Professional Firmware Versions Prior to 3.29.67

CVE-2018-7230 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

A XML external entity (XXE) vulnerability exists in the import.cgi of the web interface component of the Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67.

Learn more about our Web App Pen Testing.