Barco ClickShare CSM-1 Firmware 01.06.03.05

CPE Details

Barco ClickShare CSM-1 Firmware 01.06.03.05
barco
clickshare_csm-1_firmware
01.06.03.05
2017-01-17
18h24 +00:00
2021-05-26
16h50 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:barco:clickshare_csm-1_firmware:01.06.03.05:*:*:*:*:*:*:*

Informations

Vendor

barco

Product

clickshare_csm-1_firmware

Version

01.06.03.05

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2017-12460 2017-10-30 13h00 +00:00 An issue was discovered in Barco ClickShare CSM-1 firmware before v1.7.0.3 and CSC-1 firmware before v1.10.0.10. An authenticated user can manage the wallpaper collection in the webUI to be shown as background on the ClickShare product. By uploading a wallpaper with a specially crafted name, an HTML injection can be triggered as special characters are not neutralized before output.
5.4
Medium
CVE-2017-9377 2017-10-30 13h00 +00:00 A command injection was identified on Barco ClickShare Base Unit devices with CSM-1 firmware before 1.7.0.3 and CSC-1 firmware before 1.10.0.10. An attacker with access to the product's web API can exploit this vulnerability to completely compromise the vulnerable device.
8.8
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.