Schneider-Electric Pelco Videoxpert vulnerabilities
3 known vulnerabilities affecting schneider-electric/pelco_videoxpert.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2017-9966HIGHCVSS 7.1fixed in 2.12018-01-02
CVE-2017-9966 [HIGH] CVE-2017-9966: A privilege escalation vulnerability exists in Schneider Electric's Pelco VideoXpert Enterprise vers
A privilege escalation vulnerability exists in Schneider Electric's Pelco VideoXpert Enterprise versions 2.0 and prior. By replacing certain files, an unauthorized user can obtain system privileges and the inserted code would execute at an elevated privilege level.
nvd
CVE-2017-9965MEDIUMCVSS 5.8PoCfixed in 2.12018-01-02
CVE-2017-9965 [MEDIUM] CWE-22 CVE-2017-9965: An exposure of sensitive information vulnerability exists in Schneider Electric's Pelco VideoXpert E
An exposure of sensitive information vulnerability exists in Schneider Electric's Pelco VideoXpert Enterprise versions 2.0 and prior. Using a directory traversal attack, an unauthorized person can view web server files.
nvd
CVE-2017-9964MEDIUMCVSS 6.9fixed in 2.12018-01-02
CVE-2017-9964 [MEDIUM] CWE-22 CVE-2017-9964: A Path Traversal issue was discovered in Schneider Electric Pelco VideoXpert Enterprise all versions
A Path Traversal issue was discovered in Schneider Electric Pelco VideoXpert Enterprise all versions prior to 2.1. By sniffing communications, an unauthorized person can execute a directory traversal attack resulting in authentication bypass or session hijack.
nvd