Control Room Management Suite Security Vulnerabilities

CVE-2022-26974

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a file upload mechanism. Lack of input sanitization in the upload mechanism leads to reflected...

CVE-2022-26976

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. Lack of input sanitization in the upload mechanism is leads to reflected...

CVE-2022-26978

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a URL /checklogin.jsp endpoint. The os_username parameters is not correctly sanitized, leading to reflected...

CVE-2022-26977

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. Lack of input sanitization of the upload mechanism is leads to stored...

CVE-2022-26973

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. By tweaking the license file name, the returned error message exposes internal directory path...

CVE-2022-26975

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing log files without...

CVE-2022-26971

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. This upload can be executed without...

CVE-2022-26972

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a URL /cgi-bin endpoint. The URL parameters are not correctly sanitized, leading to reflected...

CVE-2022-26233

Barco Control Room Management through Suite 2.9 Build 0275 was discovered to be vulnerable to directory traversal, allowing attackers to access sensitive information and components. Requests must begin with the "GET /...."...