Barco Control Room Management through Suite 2.9 Build 0275 was discovered to be vulnerable to directory traversal, allowing attackers to access sensitive information and components. Requests must begin with the "GET /..\.." substring.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/166577/Barco-Control-Room-Management-Suite-Directory-Traversal.html | Exploit Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2022/Apr/0 | Exploit Mailing List Third Party Advisory |
http://packetstormsecurity.com/files/166577/Barco-Control-Room-Management-Suite-Directory-Traversal.html | Exploit Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2022/Apr/0 | Exploit Mailing List Third Party Advisory |
Configurations
History
21 Nov 2024, 06:53
Type | Values Removed | Values Added |
---|---|---|
References | () http://packetstormsecurity.com/files/166577/Barco-Control-Room-Management-Suite-Directory-Traversal.html - Exploit, Third Party Advisory, VDB Entry | |
References | () http://seclists.org/fulldisclosure/2022/Apr/0 - Exploit, Mailing List, Third Party Advisory |
11 Apr 2022, 17:45
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://packetstormsecurity.com/files/166577/Barco-Control-Room-Management-Suite-Directory-Traversal.html - Exploit, Third Party Advisory, VDB Entry | |
References | (MISC) http://seclists.org/fulldisclosure/2022/Apr/0 - Exploit, Mailing List, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CWE | CWE-22 | |
CPE | cpe:2.3:a:barco:control_room_management_suite:*:*:*:*:*:*:*:* |
04 Apr 2022, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
03 Apr 2022, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-04-03 23:15
Updated : 2024-11-21 06:53
NVD link : CVE-2022-26233
Mitre link : CVE-2022-26233
CVE.ORG link : CVE-2022-26233
JSON object : View
Products Affected
barco
- control_room_management_suite
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')