GCVE - cpe:2.3:o:barco:transform_n:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:barco:transform_n:*:*:*:*:*:*:*:*

part: o version: * update: *

Vendor	Barco (`3c3a5404-c880-50a8-8ef3-15e93251f6e5`)
Product	Transform N (`d51b2759-dd09-58c4-bb4b-dc2551b7d11d`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2020-17504`	vulnerable	2026-06-03 14:41:54.263280	Details available The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in ngpsystemcmd.php in which the http parameters "x_modules" and "y_modules" are not properly handled. The NDN-210 is part of Barco TransForm N solution and this vulnerability is patched from TransForm N version 3.8 onwards. Published: 2021-01-08T17:19:24.000Z Updated: 2024-08-04T14:00:48.658Z Open on db.gcve.eu Reference links https://www.barco.com/en/support/transform-n-management-server https://www.barco.com/en/support/cms https://www.barco.com/en/support/knowledge-base/kb11589	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-17503`	vulnerable	2026-06-03 14:41:54.262719	Details available The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in split_card_cmd.php in which the http parameter "locking" is not properly handled. The NDN-210 is part of Barco TransForm N solution and this vulnerability is patched from TransForm N version 3.8 onwards. Published: 2021-01-08T17:17:37.000Z Updated: 2024-08-04T14:00:47.519Z Open on db.gcve.eu Reference links https://www.barco.com/en/support/transform-n-management-server https://www.barco.com/en/support/cms https://www.barco.com/en/support/knowledge-base/kb11589	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-17502`	vulnerable	2026-06-03 14:41:54.262017	Details available Barco TransForm N before 3.8 allows Command Injection (issue 2 of 4). The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users of the administration panel to perform authenticated remote code execution. An issue exists in split_card_cmd.php in which the http parameters xmodules, ymodules and savelocking are not properly handled. The NDN-210 is part of Barco TransForm N solution and includes the patch from TransForm N version 3.8 onwards. Published: 2021-01-08T17:15:57.000Z Updated: 2024-08-04T14:00:47.544Z Open on db.gcve.eu Reference links https://www.barco.com/en/support/transform-n-management-server https://www.barco.com/en/support/cms https://www.barco.com/en/support/knowledge-base/kb11589	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.