CVE Tools

barco

Networking InfrastructureBEcommercial

30

Cumulative CVEs

5

Monthly snapshots

#40

Peak rank

Top products

control room management suite8

Latest CVEs

The 15 most recently published vulnerabilities affecting barco.

CVE-2022-26978Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a URL /checklogin.jsp endpoint. The os_username parameters is not correctly sanitized, lea...6.1Jun 1, 2022
CVE-2022-26977Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. Lack of input sanitization of the upload mechanism is lea...6.1Jun 1, 2022
CVE-2022-26976Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. Lack of input sanitization in the upload mechanism is lea...5.4Jun 1, 2022
CVE-2022-26975Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing log files without authentication.7.5Jun 1, 2022
CVE-2022-26974Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a file upload mechanism. Lack of input sanitization in the upload mechanism leads to refle...6.1Jun 1, 2022
CVE-2022-26973Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. By tweaking the license file name, the returned error mes...5.3Jun 1, 2022
CVE-2022-26972Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a URL /cgi-bin endpoint. The URL parameters are not correctly sanitized, leading to reflec...6.1Jun 1, 2022
CVE-2022-26971Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. This upload can be executed without authentication.5.3Jun 1, 2022
CVE-2022-26233Barco Control Room Management through Suite 2.9 Build 0275 was discovered to be vulnerable to directory traversal, allowing attackers to access sensitive information and components. Requests must b...7.5Apr 3, 2022
CVE-2021-38142Barco MirrorOp Windows Sender before 2.5.3.65 uses cleartext HTTP and thus allows rogue software upgrades. An attacker on the local network can achieve remote code execution on any computer that tr...8.8Sep 7, 2021
CVE-2021-35482An issue was discovered in Barco MirrorOp Windows Sender before 2.5.4.70. An attacker in the local network is able to achieve Remote Code Execution (with user privileges of the local user) on any d...7.8Jul 21, 2021
CVE-2020-17504The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenti...7.2Jan 8, 2021
CVE-2020-17503The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenti...7.2Jan 8, 2021
CVE-2020-17502Barco TransForm N before 3.8 allows Command Injection (issue 2 of 4). The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will all...7.2Jan 8, 2021
CVE-2020-17500Barco TransForm NDN-210 Lite, NDN-210 Pro, NDN-211 Lite, and NDN-211 Pro before 3.8 allows Command Injection (issue 1 of 4). The NDN-210 has a web administration panel which is made available over ...9.8Jan 7, 2021