Lucene search
+L

363 matches found

nuclei
nuclei
added yesterday56 views

Barco Control Room Management Suite <=2.9 Build 0275 - Local File Inclusion

Barco Control Room Management through Suite 2.9 Build 0275 is vulnerable to local file inclusion that could allow attackers to access sensitive information and components. Requests must begin with the "GET /...." substring. id: CVE-2022-26233 info: name: Barco Control Room Management Suite =2.9...

7.5CVSS7AI score0.15028EPSS
Exploits3References5
nuclei
nuclei
added 2026/07/07 4:50 p.m.79 views

Barco/AWIND OEM Presentation Platform - Remote Command Injection

The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pr...

10CVSS7.3AI score0.98952EPSS
Exploits10References5
redhatcve
redhatcve
added 2026/01/09 10:43 a.m.7 views

CVE-2022-26975

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing log files without authentication...

7.5CVSS7AI score0.00939EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 10:43 a.m.8 views

CVE-2022-26977

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. Lack of input sanitization of the upload mechanism is leads to stored XSS...

6.1CVSS6.7AI score0.00525EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 10:42 a.m.7 views

CVE-2022-26973

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. By tweaking the license file name, the returned error message exposes internal directory path details...

5.3CVSS7AI score0.00717EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 10:42 a.m.7 views

CVE-2022-26233

Barco Control Room Management through Suite 2.9 Build 0275 was discovered to be vulnerable to directory traversal, allowing attackers to access sensitive information and components. Requests must begin with the "GET /..\.." substring...

7.5CVSS6.7AI score0.15028EPSS
Exploits3References1
redhatcve
redhatcve
added 2026/01/09 10:42 a.m.8 views

CVE-2022-26978

Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a URL /checklogin.jsp endpoint. The osusername parameters is not correctly sanitized, leading to reflected XSS...

6.1CVSS6.8AI score0.00525EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 10:19 a.m.8 views

CVE-2019-18824

Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The ClickShare Button does not verify the integrity of the mutable content on the UBIFS partition before being used...

6.9CVSS7.2AI score0.00336EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/01/09 10:19 a.m.24 views

CVE-2019-18833

Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information exposure issue 2 of 2.. The encryption key of the media content which is shared between a ClickShare Button and a ClickShare Base Unit is randomly generated for each new session and communicated over a TLS connection. An...

5.9CVSS6.9AI score0.00365EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/01/09 10:18 a.m.9 views

CVE-2019-18826

Barco ClickShare Button R9861500D01 devices before 1.9.0 have Improper Following of a Certificate's Chain of Trust. The embedded 'donglebridge' program used to expose the functionalities of the ClickShare Button to a USB host, does not properly validate the whole certificate chain...

9.8CVSS7AI score0.00678EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 10:18 a.m.8 views

CVE-2019-18831

Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information Exposure. The encrypted ClickShare Button firmware contains the private key of a test device-certificate...

5.3CVSS7.2AI score0.00566EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 10:18 a.m.11 views

CVE-2019-18827

On Barco ClickShare Button R9861500D01 devices before firmware version 1.9.0 JTAG access is disabled after ROM code execution. This means that JTAG access is possible when the system is running code from ROM before handing control over to embedded firmware...

5.9CVSS7.5AI score0.01353EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 10:17 a.m.9 views

CVE-2019-18832

Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable OTP AES encryption key. This key is shared across all ClickShare Buttons of model R9861500D01...

8.1CVSS7AI score0.00434EPSS
Exploits1References1
redhatcve
redhatcve
added 2026/01/09 9:48 a.m.8 views

CVE-2020-17500

Barco TransForm NDN-210 Lite, NDN-210 Pro, NDN-211 Lite, and NDN-211 Pro before 3.8 allows Command Injection issue 1 of 4. The NDN-210 has a web administration panel which is made available over https. The logon method is basic authentication. There is a command injection issue that will result i...

9.8CVSS9AI score0.03938EPSS
Exploits0References1
nessus
nessus
added 2025/10/09 12:0 a.m.2 views

Barco ClickShare Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2016-3152)

Barco ClickShare CSC-1 devices with firmware before 01.09.03 allow remote attackers to obtain the root password by downloading and extracting the firmware image. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

9.8CVSS8.5AI score0.02797EPSS
Exploits1References4
nessus
nessus
added 2025/10/09 12:0 a.m.3 views

Barco ClickShare Devices OS Command Injection (CVE-2019-18830)

Barco ClickShare Button R9861500D01 devices before 1.9.0 allow OS Command Injection. The embedded 'donglebridge' program used to expose the functionalities of the ClickShare Button to a USB host, is vulnerable to OS command injection vulnerabilities. These vulnerabilities could lead to code...

10CVSS8.9AI score0.04337EPSS
Exploits0References7
nessus
nessus
added 2025/10/09 12:0 a.m.4 views

Barco ClickShare Devices Improper Input Validation (CVE-2018-10943)

An issue was discovered on Barco ClickShare CSE-200 and CS-100 Base Units with firmware before 1.6.0.3. Sending an arbitrary unexpected string to TCP port 7100 respecting a certain frequency timing disconnects all clients and results in a crash of the Unit. This plugin only works with Tenable.ot...

7.8CVSS7.5AI score0.01123EPSS
Exploits0References3
nessus
nessus
added 2025/10/09 12:0 a.m.5 views

Barco ClickShare Devices OS Command Injection (CVE-2017-9377)

A command injection was identified on Barco ClickShare Base Unit devices with CSM-1 firmware before 1.7.0.3 and CSC-1 firmware before 1.10.0.10. An attacker with access to the product's web API can exploit this vulnerability to completely compromise the vulnerable device. This plugin only works...

9CVSS8AI score0.04345EPSS
Exploits0References5
nessus
nessus
added 2025/10/09 12:0 a.m.4 views

Barco ClickShare Devices Cross-site Scripting (CVE-2016-3150)

Cross-site scripting XSS vulnerability in wallpaper.php in the Base Unit in Barco ClickShare CSC-1 devices with firmware before 01.09.03, CSM-1 devices with firmware before 01.06.02, and CSE-200 devices with firmware before 01.03.02 allows remote attackers to inject arbitrary web script or HTML v...

6.1CVSS6.2AI score0.01271EPSS
Exploits1References4
nessus
nessus
added 2025/10/09 12:0 a.m.7 views

Barco ClickShare Devices Arbitrary Code Execution (CVE-2016-3149)

Barco ClickShare CSC-1 devices with firmware before 01.09.03 and CSM-1 devices with firmware before 01.06.02 allow remote attackers to execute arbitrary code via unspecified vectors. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

10CVSS8.9AI score0.07798EPSS
Exploits1References4
Rows per page
Query Builder