CVE-2018-7230
Severity
8.8HIGH
EPSS
0.3%
top 43.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 9
Latest updateMay 13
Description
A XML external entity (XXE) vulnerability exists in the import.cgi of the web interface component of the Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9