CVE-2018-7236
published 2018-03-09CVE-2018-7236: A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could enable SSH service due to lack of…
high8.1CVSS 3.1
AVNACLPRNUIRSUCHIHAN
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could enable SSH service due to lack of authentication for /login/bin/set_param could enable SSH service.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| schneider-electric | ibp1110-1er_firmware | < 3.29.67 | 3.29.67 |
| schneider-electric | ibp219-1er_firmware | < 3.29.67 | 3.29.67 |
| schneider-electric | ibp319-1er_firmware | < 3.29.67 | 3.29.67 |
| schneider-electric | ibp519-1er_firmware | < 3.29.67 | 3.29.67 |
| schneider-electric | ibps110-1er_firmware | < 3.29.67 | 3.29.67 |
| schneider-electric | imp1110-1_firmware | < 3.29.67 | 3.29.67 |
| schneider-electric | imp1110-1e_firmware | < 3.29.67 | 3.29.67 |
| schneider-electric | imp1110-1er_firmware | < 3.29.67 | 3.29.67 |
| schneider-electric | imp219-1_firmware | < 3.29.67 | 3.29.67 |
| schneider-electric | imp219-1e_firmware | < 3.29.67 | 3.29.67 |
| schneider-electric | imp219-1er_firmware | < 3.29.67 | 3.29.67 |
| schneider-electric | imp319-1_firmware | < 3.29.67 | 3.29.67 |
| schneider-electric | imp319-1e_firmware | < 3.29.67 | 3.29.67 |
| schneider-electric | imp319-1er_firmware | < 3.29.67 | 3.29.67 |
| schneider-electric | imp519-1_firmware | < 3.29.67 | 3.29.67 |
| schneider-electric | imp519-1e_firmware | < 3.29.67 | 3.29.67 |
| schneider-electric | imp519-1er_firmware | < 3.29.67 | 3.29.67 |
| schneider-electric | imps110-1e_firmware | < 3.29.67 | 3.29.67 |
| schneider-electric | imps110-1er_firmware | < 3.29.67 | 3.29.67 |
| schneider-electric | mps110-1_firmware | < 3.29.67 | 3.29.67 |
| schneider_electric_se | pelco_sarix_professional | — | — |