CRITICAL · 9.8

CVE-2018-7780

In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, a buffer overflow vulnerability exists in the CGI program "set".

CVSS Score

9.8 (CRITICAL)

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality: HIGH
Integrity: HIGH
Availability: HIGH

Affected Products

Vendor | Product | Versions
Schneider-Electric | Imps110-1 Firmware | < 3.29.69
Schneider-Electric | Imps110-1 | -
Schneider-Electric | Imps110-1E Firmware | < 3.29.69
Schneider-Electric | Imps110-1E | -
Schneider-Electric | Imps110-1Er Firmware | < 3.29.69
Schneider-Electric | Imps110-1Er | -
Schneider-Electric | Ibps110-1Er Firmware | < 3.29.69
Schneider-Electric | Ibps110-1Er | -
Schneider-Electric | Imp1110-1 Firmware | < 3.29.69
Schneider-Electric | Imp1110-1 | -
Schneider-Electric | Imp1110-1E Firmware | < 3.29.69
Schneider-Electric | Imp1110-1E | -
Schneider-Electric | Imp1110-1Er Firmware | < 3.29.69
Schneider-Electric | Imp1110-1Er | -
Schneider-Electric | Ibp1110-1Er Firmware | < 3.29.69
Schneider-Electric | Ibp1110-1Er | -
Schneider-Electric | Imp219-1 Firmware | < 3.29.69
Schneider-Electric | Imp219-1 | -
Schneider-Electric | Imp219-1E Firmware | < 3.29.69
Schneider-Electric | Imp219-1E | -

Related Weaknesses (CWE)

References

FAQ

What is CVE-2018-7780?

CVE-2018-7780 is a vulnerability with a CVSS score of 9.8 (CRITICAL). In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, a buffer overflow vulnerability exists in the CGI program "set".

How severe is CVE-2018-7780?

CVE-2018-7780 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2018-7780?

Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Imps110-1 Firmware, Schneider-Electric Imps110-1, Schneider-Electric Imps110-1E Firmware, Schneider-Electric Imps110-1E, Schneider-Electric Imps110-1Er Firmware.