Barco ClickShare Devices Arbitrary Code Execution (CVE-2016-3149)

Barco ClickShare CSC-1 devices with firmware before 01.09.03 and CSM-1 devices with firmware before 01.06.02 allow remote attackers to execute arbitrary code via unspecified vectors. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Command injection

A command injection was identified on Barco ClickShare Base Unit devices with CSM-1 firmware before 1.7.0.3 and CSC-1 firmware before 1.10.0.10. An attacker with access to the product's web API can exploit this vulnerability to completely compromise the vulnerable device...

CVE-2016-3150

Cross-site scripting XSS vulnerability in wallpaper.php in the Base Unit in Barco ClickShare CSC-1 devices with firmware before 01.09.03, CSM-1 devices with firmware before 01.06.02, and CSE-200 devices with firmware before 01.03.02 allows remote attackers to inject arbitrary web script or HTML v...

PT-2017-8350

Name of the Vulnerable Software and Affected Versions Barco ClickShare CSC-1 devices with firmware prior to 01.09.03 Barco ClickShare CSM-1 devices with firmware prior to 01.06.02 Barco ClickShare CSE-200 devices with firmware prior to 01.03.02 Description A directory traversal issue exists in th...