cbcvebase.
CVE-2018-7828
published 2019-05-22

CVE-2018-7828: A Cross-Site Request Forgery (CSRF) vulnerability exists in the 1st Gen. Pelco Sarix Enhanced Camera and Spectra Enhanced PTZ Camera when an authenticated user…

high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
A Cross-Site Request Forgery (CSRF) vulnerability exists in the 1st Gen. Pelco Sarix Enhanced Camera and Spectra Enhanced PTZ Camera when an authenticated user clicks a specially crafted malicious link while logged into the camera.

Affected

59 ranges· showing 25
VendorProductVersion rangeFixed in
schneider-electricd6220_firmware>= 2.11
schneider-electricd6220l_firmware>= 2.11
schneider-electricd6230_firmware>= 2.11
schneider-electricd6230l_firmware>= 2.11
schneider-electricime119-1ei_firmware< 2.2.3.02.2.3.0
schneider-electricime119-1ep_firmware< 2.2.3.02.2.3.0
schneider-electricime119-1es_firmware< 2.2.3.02.2.3.0
schneider-electricime119-1i_firmware< 2.2.3.02.2.3.0
schneider-electricime119-1p_firmware< 2.2.3.02.2.3.0
schneider-electricime119-1s_firmware< 2.2.3.02.2.3.0
schneider-electricime119-1vi_firmware< 2.2.3.02.2.3.0
schneider-electricime119-1vp_firmware< 2.2.3.02.2.3.0
schneider-electricime119-1vs_firmware< 2.2.3.02.2.3.0
schneider-electricime219-1ei_firmware< 2.2.3.02.2.3.0
schneider-electricime219-1ep_firmware< 2.2.3.02.2.3.0
schneider-electricime219-1es_firmware< 2.2.3.02.2.3.0
schneider-electricime219-1i_firmware< 2.2.3.02.2.3.0
schneider-electricime219-1p_firmware< 2.2.3.02.2.3.0
schneider-electricime219-1s_firmware< 2.2.3.02.2.3.0
schneider-electricime219-1vi_firmware< 2.2.3.02.2.3.0
schneider-electricime219-1vp_firmware< 2.2.3.02.2.3.0
schneider-electricime219-1vs_firmware< 2.2.3.02.2.3.0
schneider-electricime3122-1ei_firmware< 2.2.3.02.2.3.0
schneider-electricime3122-1ep_firmware< 2.2.3.02.2.3.0
schneider-electricime3122-1es_firmware< 2.2.3.02.2.3.0