Описание
A command injection was identified on Barco ClickShare Base Unit devices with CSM-1 firmware before 1.7.0.3 and CSC-1 firmware before 1.10.0.10. An attacker with access to the product's web API can exploit this vulnerability to completely compromise the vulnerable device.
Ссылки
- Third Party AdvisoryVDB Entry
- PatchRelease Notes
- PatchRelease Notes
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- PatchRelease Notes
- PatchRelease Notes
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.7.0.3 (исключая)
Одновременно
cpe:2.3:o:barco:clickshare_csm-1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:barco:clickshare_csm-1:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 1.10.0.10 (исключая)
Одновременно
cpe:2.3:o:barco:clickshare_csc-1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:barco:clickshare_csc-1:-:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.0571
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
A command injection was identified on Barco ClickShare Base Unit devices with CSM-1 firmware before 1.7.0.3 and CSC-1 firmware before 1.10.0.10. An attacker with access to the product's web API can exploit this vulnerability to completely compromise the vulnerable device.
EPSS
Процентиль: 90%
0.0571
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-78