Clear Text Password Exposure and Privilege Escalation in Schneider Electric Pelco Sarix Professional 1st Generation Cameras

Clear Text Password Exposure and Privilege Escalation in Schneider Electric Pelco Sarix Professional 1st Generation Cameras

CVE-2018-7781 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, by sending a specially crafted request an authenticated user can view password in clear text and results in privilege escalation.

Learn more about our User Device Pen Test.