CVE-2018-7829

CWE-943Improper Neutralization of Special Elements in Data Query Logic5 documents4 sources
Severity
8.8HIGH
EPSS
0.5%
top 33.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
59
Schneider-electric Ime119-1ei FirmwareSchneider-electric Ime119-1ep FirmwareSchneider-electric Ime119-1es Firmware+56 more
Timeline
PublishedMay 22
Latest updateMay 24

Description

An Improper Neutralization of Special Elements in Query vulnerability exists in the 1st Gen. Pelco Sarix Enhanced Camera and Spectra Enhanced PTZ Camera which allows an attacker to execute arbitrary system commands.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages59 packages

🔴Vulnerability Details

2
GHSA
GHSA-37cj-hcx2-8pv7: An Improper Neutralization of Special Elements in Query vulnerability exists in the 1st Gen2022-05-24
CVEList
CVE-2018-7829: An Improper Neutralization of Special Elements in Query vulnerability exists in the 1st Gen2019-05-22

💬Community

2
Bugzilla
CVE-2017-7846 Mozilla: JavaScript Execution via RSS in mailbox:// origin2018-01-02
Bugzilla
CVE-2017-7829 Mozilla: From address with encoded null character is cut off in message header display2018-01-02
CVE-2018-7829 (HIGH CVSS 8.8) | An Improper Neutralization of Speci | cvebase.io