PT-2017-18887 · Barco · Clickshare Base Unit

Publicado

2017-10-30

Atualizado

2019-10-03

CVE-2017-9377

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Barco ClickShare Base Unit devices with CSM-1 firmware versions prior to 1.7.0.3 Barco ClickShare Base Unit devices with CSC-1 firmware versions prior to 1.10.0.10

Description A command injection issue was identified, allowing an attacker with access to the product's web API to completely compromise the vulnerable device.

Recommendations For Barco ClickShare Base Unit devices with CSM-1 firmware versions prior to 1.7.0.3, update to version 1.7.0.3 or later to resolve the issue. For Barco ClickShare Base Unit devices with CSC-1 firmware versions prior to 1.10.0.10, update to version 1.10.0.10 or later to resolve the issue.

Correção

OS Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-78

Identificadores relacionados

CVE-2017-9377

Produtos afetados

Clickshare Base Unit

PT-2017-18887 · Barco · Clickshare Base Unit

CVE-2017-9377

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6