4 matches found
CVE-2020-17504
The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in ngpsystemcmd.php in which the http parameters...
Command injection
The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in ngpsystemcmd.php in which the http parameters...
CVE-2020-17504
The CVE-2020-17504 issue affects Barco TransForm N solution’s NDN-210 device, where the web administration panel exposes a command injection vulnerability in ngpsystemcmd.php. Improper handling of the HTTP parameters x_modules and y_modules enables authenticated users to perform authenticated rem...
CVE-2020-17504
The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in ngpsystemcmd.php in which the http parameters...