Filtered by vendor Barco
Subscriptions
Total
40 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-28331 | 1 Barco | 2 Wepresent Wipg-1600w, Wepresent Wipg-1600w Firmware | 2024-08-04 | 7.5 High |
Barco wePresent WiPG-1600W devices have Improper Access Control. Affected Version(s): 2.5.1.8. The Barco wePresent WiPG-1600W device has an SSH daemon included in the firmware image. By default, the SSH daemon is disabled and does not start at system boot. The system initialization scripts read a device configuration file variable to see if the SSH daemon should be started. The web interface does not provide a visible capability to alter this configuration file variable. However, a malicious actor can include this variable in a POST such that the SSH daemon will be started when the device boots. | ||||
CVE-2020-28330 | 1 Barco | 2 Wepresent Wipg-1600w, Wepresent Wipg-1600w Firmware | 2024-08-04 | 6.5 Medium |
Barco wePresent WiPG-1600W devices have Unprotected Transport of Credentials. Affected Version(s): 2.5.1.8. An attacker armed with hardcoded API credentials (retrieved by exploiting CVE-2020-28329) can issue an authenticated query to display the admin password for the main web user interface listening on port 443/tcp of a Barco wePresent WiPG-1600W device. | ||||
CVE-2020-28333 | 1 Barco | 2 Wepresent Wipg-1600w, Wepresent Wipg-1600w Firmware | 2024-08-04 | 9.8 Critical |
Barco wePresent WiPG-1600W devices allow Authentication Bypass. Affected Version(s): 2.5.1.8. The Barco wePresent WiPG-1600W web interface does not use session cookies for tracking authenticated sessions. Instead, the web interface uses a "SEID" token that is appended to the end of URLs in GET requests. Thus the "SEID" would be exposed in web proxy logs and browser history. An attacker that is able to capture the "SEID" and originate requests from the same IP address (via a NAT device or web proxy) would be able to access the user interface of the device without having to know the credentials. | ||||
CVE-2020-28329 | 1 Barco | 2 Wepresent Wipg-1600w, Wepresent Wipg-1600w Firmware | 2024-08-04 | 9.8 Critical |
Barco wePresent WiPG-1600W firmware includes a hardcoded API account and password that is discoverable by inspecting the firmware image. A malicious actor could use this password to access authenticated, administrative functions in the API. Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19. | ||||
CVE-2020-28334 | 1 Barco | 2 Wepresent Wipg-1600w, Wepresent Wipg-1600w Firmware | 2024-08-04 | 9.8 Critical |
Barco wePresent WiPG-1600W devices use Hard-coded Credentials (issue 2 of 2). Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19. The Barco wePresent WiPG-1600W device has a hardcoded root password hash included in the firmware image. Exploiting CVE-2020-28329, CVE-2020-28330 and CVE-2020-28331 could potentially be used in a simple and automated exploit chain to go from unauthenticated remote attacker to root shell. | ||||
CVE-2020-17504 | 1 Barco | 5 Transform N, Transform Ndn-210 Lite, Transform Ndn-210 Pro and 2 more | 2024-08-04 | 7.2 High |
The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in ngpsystemcmd.php in which the http parameters "x_modules" and "y_modules" are not properly handled. The NDN-210 is part of Barco TransForm N solution and this vulnerability is patched from TransForm N version 3.8 onwards. | ||||
CVE-2020-17500 | 1 Barco | 5 Transform N, Transform Ndn-210 Lite, Transform Ndn-210 Pro and 2 more | 2024-08-04 | 9.8 Critical |
Barco TransForm NDN-210 Lite, NDN-210 Pro, NDN-211 Lite, and NDN-211 Pro before 3.8 allows Command Injection (issue 1 of 4). The NDN-210 has a web administration panel which is made available over https. The logon method is basic authentication. There is a command injection issue that will result in unauthenticated remote code execution in the username and password fields of the logon prompt. The NDN-210 is part of Barco TransForm N solution and includes the patch from TransForm N version 3.8 onwards. | ||||
CVE-2020-17502 | 1 Barco | 5 Transform N, Transform Ndn-210 Lite, Transform Ndn-210 Pro and 2 more | 2024-08-04 | 7.2 High |
Barco TransForm N before 3.8 allows Command Injection (issue 2 of 4). The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users of the administration panel to perform authenticated remote code execution. An issue exists in split_card_cmd.php in which the http parameters xmodules, ymodules and savelocking are not properly handled. The NDN-210 is part of Barco TransForm N solution and includes the patch from TransForm N version 3.8 onwards. | ||||
CVE-2020-17503 | 1 Barco | 5 Transform N, Transform Ndn-210 Lite, Transform Ndn-210 Pro and 2 more | 2024-08-04 | 7.2 High |
The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in split_card_cmd.php in which the http parameter "locking" is not properly handled. The NDN-210 is part of Barco TransForm N solution and this vulnerability is patched from TransForm N version 3.8 onwards. | ||||
CVE-2021-38142 | 1 Barco | 1 Mirrorop Windows Sender | 2024-08-04 | 8.8 High |
Barco MirrorOp Windows Sender before 2.5.3.65 uses cleartext HTTP and thus allows rogue software upgrades. An attacker on the local network can achieve remote code execution on any computer that tries to update Windows Sender due to the fact that the upgrade mechanism is not secured (is not protected with TLS). | ||||
CVE-2021-35482 | 1 Barco | 1 Mirrorop Windows Sender | 2024-08-04 | 7.8 High |
An issue was discovered in Barco MirrorOp Windows Sender before 2.5.4.70. An attacker in the local network is able to achieve Remote Code Execution (with user privileges of the local user) on any device that tries to connect to a WePresent presentation system. | ||||
CVE-2022-26974 | 1 Barco | 1 Control Room Management Suite | 2024-08-03 | 6.1 Medium |
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a file upload mechanism. Lack of input sanitization in the upload mechanism leads to reflected XSS. | ||||
CVE-2022-26975 | 1 Barco | 1 Control Room Management Suite | 2024-08-03 | 7.5 High |
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing log files without authentication. | ||||
CVE-2022-26971 | 1 Barco | 1 Control Room Management Suite | 2024-08-03 | 5.3 Medium |
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. This upload can be executed without authentication. | ||||
CVE-2022-26977 | 1 Barco | 1 Control Room Management Suite | 2024-08-03 | 6.1 Medium |
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. Lack of input sanitization of the upload mechanism is leads to stored XSS. | ||||
CVE-2022-26976 | 1 Barco | 1 Control Room Management Suite | 2024-08-03 | 5.4 Medium |
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. Lack of input sanitization in the upload mechanism is leads to reflected XSS. | ||||
CVE-2022-26973 | 1 Barco | 1 Control Room Management Suite | 2024-08-03 | 5.3 Medium |
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. By tweaking the license file name, the returned error message exposes internal directory path details. | ||||
CVE-2022-26978 | 1 Barco | 1 Control Room Management Suite | 2024-08-03 | 6.1 Medium |
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a URL /checklogin.jsp endpoint. The os_username parameters is not correctly sanitized, leading to reflected XSS. | ||||
CVE-2022-26972 | 1 Barco | 1 Control Room Management Suite | 2024-08-03 | 6.1 Medium |
Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a URL /cgi-bin endpoint. The URL parameters are not correctly sanitized, leading to reflected XSS. | ||||
CVE-2022-26233 | 1 Barco | 1 Control Room Management Suite | 2024-08-03 | 7.5 High |
Barco Control Room Management through Suite 2.9 Build 0275 was discovered to be vulnerable to directory traversal, allowing attackers to access sensitive information and components. Requests must begin with the "GET /..\.." substring. |