DSUtility.dll in Pelco Digital Sentry Server before 7.19.67 has an arbitrary file write vulnerability. The AppendToTextFile method doesnt check if its being called from the application or from a malicious user. The vulnerability is triggered when a remote attacker crafts an HTML page (e.g., with OBJECT classid= and ) to overwrite arbitrary files.
Weakness
The product does not properly verify that the source of data or communication is valid.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Digital_sentry_server | Pelco | * | 7.19.67 (excluding) |
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/111.html
- https://cwe.mitre.org/data/definitions/141.html
- https://cwe.mitre.org/data/definitions/142.html
- https://cwe.mitre.org/data/definitions/160.html
- https://cwe.mitre.org/data/definitions/21.html
- https://cwe.mitre.org/data/definitions/384.html
- https://cwe.mitre.org/data/definitions/385.html
- https://cwe.mitre.org/data/definitions/386.html
- https://cwe.mitre.org/data/definitions/387.html
- https://cwe.mitre.org/data/definitions/388.html
- https://cwe.mitre.org/data/definitions/510.html
- https://cwe.mitre.org/data/definitions/59.html
- https://cwe.mitre.org/data/definitions/60.html
- https://cwe.mitre.org/data/definitions/75.html
- https://cwe.mitre.org/data/definitions/76.html
- https://cwe.mitre.org/data/definitions/89.html
References
- https://github.com/vitorespf/Advisories/blob/master/Pelco_Digital_Sentry_Server_AFW.txt
- https://support.pelco.com/s/article/What-is-the-Digital-Sentry-software-release-revision-history
- https://github.com/vitorespf/Advisories/blob/master/Pelco_Digital_Sentry_Server_AFW.txt
- https://support.pelco.com/s/article/What-is-the-Digital-Sentry-software-release-revision-history