Barco ClickShare Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2016-3152)

Barco ClickShare CSC-1 devices with firmware before 01.09.03 allow remote attackers to obtain the root password by downloading and extracting the firmware image. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

Barco ClickShare Devices Cross-site Scripting (CVE-2016-3150)

Cross-site scripting XSS vulnerability in wallpaper.php in the Base Unit in Barco ClickShare CSC-1 devices with firmware before 01.09.03, CSM-1 devices with firmware before 01.06.02, and CSE-200 devices with firmware before 01.03.02 allows remote attackers to inject arbitrary web script or HTML v...

Barco ClickShare Devices Arbitrary Code Execution (CVE-2016-3149)

Barco ClickShare CSC-1 devices with firmware before 01.09.03 and CSM-1 devices with firmware before 01.06.02 allow remote attackers to execute arbitrary code via unspecified vectors. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

Unspecified Vulnerability in Barco ClickShare CSM-1 and ClickShare CSC-1

The Barco ClickShare CSM-1 and ClickShare CSC-1 are both host devices for the wireless presentation system from Barco Belgium. A security vulnerability exists in the Barco ClickShare CSM-1 using firmware versions prior to 1.7.0.3 and the Barco ClickShare CSC-1 using firmware versions prior to...

Barco ClickShare CSM-1 Base Unit and ClickShare CSC-1 Base Unit Command Injection Vulnerabilities

The Barco ClickShare CSM-1 Base Unit and ClickShare CSC-1 Base Unit are both host devices for wireless presentation systems from Barco Belgium. A command injection vulnerability exists in the ClickShare CSM-1 Base Unit using firmware versions prior to 1.7.0.3 and the ClickShare CSC-1 Base Unit...

Command injection

A command injection was identified on Barco ClickShare Base Unit devices with CSM-1 firmware before 1.7.0.3 and CSC-1 firmware before 1.10.0.10. An attacker with access to the product's web API can exploit this vulnerability to completely compromise the vulnerable device...

CVE-2017-9377

Barco ClickShare Base Unit devices (CSM-1 firmware before 1.7.0.3; CSC-1 firmware before 1.10.0.10) are affected by CVE-2017-9377. A command injection vulnerability exists that an attacker with access to the product’s web API can exploit to completely compromise the affected device. The available...

CVE-2016-3150

Cross-site scripting XSS vulnerability in wallpaper.php in the Base Unit in Barco ClickShare CSC-1 devices with firmware before 01.09.03, CSM-1 devices with firmware before 01.06.02, and CSE-200 devices with firmware before 01.03.02 allows remote attackers to inject arbitrary web script or HTML v...

CVE-2016-3151

Directory traversal vulnerability in the wallpaper parsing functionality in Barco ClickShare CSC-1 devices with firmware before 01.09.03, CSM-1 devices with firmware before 01.06.02, and CSE-200 devices with firmware before 01.03.02 allows remote attackers to read /etc/shadow via unspecified...

CVE-2016-3152

Barco ClickShare CSC-1 devices with firmware before 01.09.03 allow remote attackers to obtain the root password by downloading and extracting the firmware image...

CVE-2016-3152

Barco ClickShare CSC-1 devices with firmware before 01.09.03 allow remote attackers to obtain the root password by downloading and extracting the firmware image...

CVE-2016-3150

Cross-site scripting XSS vulnerability in wallpaper.php in the Base Unit in Barco ClickShare CSC-1 devices with firmware before 01.09.03, CSM-1 devices with firmware before 01.06.02, and CSE-200 devices with firmware before 01.03.02 allows remote attackers to inject arbitrary web script or HTML v...

Default credentials

Barco ClickShare CSC-1 devices with firmware before 01.09.03 allow remote attackers to obtain the root password by downloading and extracting the firmware image...

Cross site scripting

Cross-site scripting XSS vulnerability in wallpaper.php in the Base Unit in Barco ClickShare CSC-1 devices with firmware before 01.09.03, CSM-1 devices with firmware before 01.06.02, and CSE-200 devices with firmware before 01.03.02 allows remote attackers to inject arbitrary web script or HTML v...

CVE-2016-3152

CVE-2016-3152 affects Barco ClickShare CSC-1 devices with firmware prior to 01.09.03. The Tenable.ot NASL plugin notes that remote attackers could obtain the root password by downloading and extracting the firmware image. The provided connected document does not specify a patch or remediation, no...

CVE-2016-3149

Barco ClickShare CSC-1 devices with firmware before 01.09.03 and CSM-1 devices with firmware before 01.06.02 are affected by a remote code execution vulnerability. The gap allows remote attackers to execute arbitrary code via unspecified vectors on affected devices exposed to a network. The infor...

CVE-2016-3152

Barco ClickShare CSC-1 devices with firmware before 01.09.03 allow remote attackers to obtain the root password by downloading and extracting the firmware image...

CVE-2016-3149

Barco ClickShare CSC-1 devices with firmware before 01.09.03 and CSM-1 devices with firmware before 01.06.02 allow remote attackers to execute arbitrary code via unspecified vectors...

PT-2017-8351

Name of the Vulnerable Software and Affected Versions Barco ClickShare CSC-1 devices with firmware prior to 01.09.03 Description The issue allows remote attackers to obtain the root password by downloading and extracting the firmware image. Recommendations For Barco ClickShare CSC-1 devices with...

PT-2017-8350

Name of the Vulnerable Software and Affected Versions Barco ClickShare CSC-1 devices with firmware prior to 01.09.03 Barco ClickShare CSM-1 devices with firmware prior to 01.06.02 Barco ClickShare CSE-200 devices with firmware prior to 01.03.02 Description A directory traversal issue exists in th...