Vulnerability Description
Barco Control Room Management through Suite 2.9 Build 0275 was discovered to be vulnerable to directory traversal, allowing attackers to access sensitive information and components. Requests must begin with the "GET /..\.." substring.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Barco | Control Room Management Suite | <= 2.9 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/166577/Barco-Control-Room-Management-Suite-ExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2022/Apr/0ExploitMailing ListThird Party Advisory
- http://packetstormsecurity.com/files/166577/Barco-Control-Room-Management-Suite-ExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2022/Apr/0ExploitMailing ListThird Party Advisory
FAQ
What is CVE-2022-26233?
CVE-2022-26233 is a vulnerability with a CVSS score of 7.5 (HIGH). Barco Control Room Management through Suite 2.9 Build 0275 was discovered to be vulnerable to directory traversal, allowing attackers to access sensitive information and components. Requests must begi...
How severe is CVE-2022-26233?
CVE-2022-26233 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-26233?
Check the references section above for vendor advisories and patch information. Affected products include: Barco Control Room Management Suite.