CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in ngpsystemcmd.php in which the http parameters "x_modules" and "y_modules" are not properly handled. The NDN-210 is part of Barco TransForm N solution and this vulnerability is patched from TransForm N version 3.8 onwards.

Product Status

Learn more

Information not provided

References 3 Total

https://www.barco.com/en/support/transform-n-management-server
external site
https://www.barco.com/en/support/cms
external site
https://www.barco.com/en/support/knowledge-base/kb11589
external site

Updated: 2024-08-04

This container includes required additional information provided by the CVE Program for this vulnerability.

References 3 Total

https://www.barco.com/en/support/transform-n-management-server
external site
x_transferred
https://www.barco.com/en/support/cms
external site
x_transferred
https://www.barco.com/en/support/knowledge-base/kb11589
external site
x_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: MITRE Corporation

Description

Product Status

References 3 Total

CVE Program

References 3 Total