Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
barco transform n vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-17500
Barco TransForm NDN-210 Lite, NDN-210 Pro, NDN-211 Lite, and NDN-211 Pro prior to 3.8 allows Command Injection (issue 1 of 4). The NDN-210 has a web administration panel which is made available over https. The logon method is basic authentication. There is a command injection iss...
Barco Transform N
7.5
CVSSv3
CVE-2022-26975
Barco Control Room Management Suite web application, which is part of TransForm N prior to 3.14, is exposing log files without authentication.
Barco Control Room Management Suite
7.2
CVSSv3
CVE-2020-17503
The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in split_card_cmd.php in which the htt...
Barco Transform N
7.2
CVSSv3
CVE-2020-17504
The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in ngpsystemcmd.php in which the http ...
Barco Transform N
7.2
CVSSv3
CVE-2020-17502
Barco TransForm N prior to 3.8 allows Command Injection (issue 2 of 4). The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users of the administration panel to perform authenticated remot...
Barco Transform N
6.1
CVSSv3
CVE-2022-26974
Barco Control Room Management Suite web application, which is part of TransForm N prior to 3.14, is exposing a file upload mechanism. Lack of input sanitization in the upload mechanism leads to reflected XSS.
Barco Control Room Management Suite
6.1
CVSSv3
CVE-2022-26977
Barco Control Room Management Suite web application, which is part of TransForm N prior to 3.14, is exposing a license file upload mechanism. Lack of input sanitization of the upload mechanism is leads to stored XSS.
Barco Control Room Management Suite
6.1
CVSSv3
CVE-2022-26978
Barco Control Room Management Suite web application, which is part of TransForm N prior to 3.14, is exposing a URL /checklogin.jsp endpoint. The os_username parameters is not correctly sanitized, leading to reflected XSS.
Barco Control Room Management Suite
6.1
CVSSv3
CVE-2022-26972
Barco Control Room Management Suite web application, which is part of TransForm N prior to 3.14, is exposing a URL /cgi-bin endpoint. The URL parameters are not correctly sanitized, leading to reflected XSS.
Barco Control Room Management Suite
5.4
CVSSv3
CVE-2022-26976
Barco Control Room Management Suite web application, which is part of TransForm N prior to 3.14, is exposing a license file upload mechanism. Lack of input sanitization in the upload mechanism is leads to reflected XSS.
Barco Control Room Management Suite
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »