Lucene search
K
BarcoControl Room Management Suite

9 matches found

CVE
CVE
added 2022/04/03 10:5 p.m.163 views

CVE-2022-26233

CVE-2022-26233 affects Barco Control Room Management Suite prior to or equal to 2.9 Build 0275. The vulnerability is a local file inclusion/directory traversal (LFI) where inputs from URLs are not properly sanitized, allowing an attacker to read sensitive files. The attack vector described is a c...

7.5CVSS7.9AI score0.15028EPSS
CVE
CVE
added 2022/06/01 11:34 a.m.72 views

CVE-2022-26975

CVE-2022-26975 affects the Barco Control Room Management Suite web application (part of TransForm N) prior to version 3.14. The issue is exposure of log files without authentication, as documented by Red Hat/NVD entries and vendor references. CVSSv3.1 base score 7.5 (HIGH) with HIGH confidentiali...

7.5CVSS7.5AI score0.00939EPSS
CVE
CVE
added 2022/06/01 11:34 a.m.66 views

CVE-2022-26974

The CVE affects Barco Control Room Management Suite web application (TransForm N before 3.14). A lack of input sanitization in the file-upload mechanism allows reflected XSS in the affected component. Red Hat and CNVD entries corroborate the vulnerability before version 3.14. Remediation is to up...

6.1CVSS6.2AI score0.00525EPSS
CVE
CVE
added 2022/06/01 11:35 a.m.66 views

CVE-2022-26976

The CVE-2022-26976 entry concerns Barco Control Room Management Suite (TransForm N before 3.14). The vulnerability is due to lack of input sanitization in a license file upload mechanism, enabling reflected XSS. The available documents confirm the affected product and the injection vector, but do...

5.4CVSS5.5AI score0.00421EPSS
CVE
CVE
added 2022/06/01 11:35 a.m.65 views

CVE-2022-26977

The Barco Control Room Management Suite web application (TransForm N before 3.14) exposes a license file upload mechanism with insufficient input sanitization, resulting in stored XSS. Affected component is the upload handling; impact is client-side script execution. No exploitation details are p...

6.1CVSS6.2AI score0.00525EPSS
CVE
CVE
added 2022/06/01 11:34 a.m.62 views

CVE-2022-26972

Barco Control Room Management Suite (TransForm N) web application is affected up to version 3.14. The vulnerability stems from unsanitized URL parameters on the /cgi-bin endpoint, enabling reflected cross-site scripting (XSS). Multiple connected sources corroborate the issue and scope, without de...

6.1CVSS6.2AI score0.00525EPSS
CVE
CVE
added 2022/06/01 11:34 a.m.62 views

CVE-2022-26973

The Barco Control Room Management Suite web application (TransForm N) prior to version 3.14 exposes a license file upload mechanism. The root cause is a flaw in handling the license file name, where manipulating the filename causes the application to return an error message that reveals internal ...

5.3CVSS5.4AI score0.00717EPSS
CVE
CVE
added 2022/06/01 11:34 a.m.61 views

CVE-2022-26971

Barco Control Room Management Suite web application (TransForm N, before version 3.14) exposes a license file upload mechanism that can be triggered without authentication. Root cause: unauthenticated upload path accessible in the web interface. Impact: enables unauthorized file uploads (license ...

5.3CVSS5.3AI score0.00674EPSS
CVE
CVE
added 2022/06/01 11:35 a.m.61 views

CVE-2022-26978

Barco Control Room Management Suite (TransForm N) before version 3.14 is affected. The vulnerability is a reflected XSS in the /checklogin.jsp endpoint where the os_username parameter is not properly sanitized, allowing client-side script execution. Exploitation context is network-based via that ...

6.1CVSS6.2AI score0.00525EPSS