GCVE - cpe:2.3:a:barco:control_room_management

Approved changes feed: RSS · Atom

cpe:2.3:a:barco:control_room_management_suite:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Barco (`3c3a5404-c880-50a8-8ef3-15e93251f6e5`)
Product	Control Room Management Suite (`0b953854-f0a0-53d1-9a3e-7fa07d67b331`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-26978`	vulnerable	2026-06-03 14:46:45.446024	Details available Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a URL /checklogin.jsp endpoint. The os_username parameters is not correctly sanitized, leading to reflected XSS. Published: 2022-06-01T11:35:22.000Z Updated: 2024-08-03T05:18:39.136Z Open on db.gcve.eu Reference links https://www.barco.com/en/support/transform-n-management-server https://www.barco.com/en/support/knowledge-base/KB12686	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-26977`	vulnerable	2026-06-03 14:46:45.445753	Details available Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. Lack of input sanitization of the upload mechanism is leads to stored XSS. Published: 2022-06-01T11:35:16.000Z Updated: 2024-08-03T05:18:39.263Z Open on db.gcve.eu Reference links https://www.barco.com/en/support/transform-n-management-server https://www.barco.com/en/support/knowledge-base/KB12683	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-26976`	vulnerable	2026-06-03 14:46:45.445478	Details available Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. Lack of input sanitization in the upload mechanism is leads to reflected XSS. Published: 2022-06-01T11:35:06.000Z Updated: 2024-08-03T05:18:39.221Z Open on db.gcve.eu Reference links https://www.barco.com/en/support/transform-n-management-server https://www.barco.com/en/support/knowledge-base/KB12682	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-26975`	vulnerable	2026-06-03 14:46:45.445211	Details available Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing log files without authentication. Published: 2022-06-01T11:34:59.000Z Updated: 2024-08-03T05:18:39.305Z Open on db.gcve.eu Reference links https://www.barco.com/en/support/transform-n-management-server https://www.barco.com/en/support/knowledge-base/KB12677	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-26974`	vulnerable	2026-06-03 14:46:45.444933	Details available Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a file upload mechanism. Lack of input sanitization in the upload mechanism leads to reflected XSS. Published: 2022-06-01T11:34:54.000Z Updated: 2024-08-03T05:18:39.396Z Open on db.gcve.eu Reference links https://www.barco.com/en/support/transform-n-management-server https://www.barco.com/en/support/knowledge-base/KB12684	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-26973`	vulnerable	2026-06-03 14:46:45.444647	Details available Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. By tweaking the license file name, the returned error message exposes internal directory path details. Published: 2022-06-01T11:34:48.000Z Updated: 2024-08-03T05:18:39.210Z Open on db.gcve.eu Reference links https://www.barco.com/en/support/transform-n-management-server https://www.barco.com/en/support/knowledge-base/KB12678	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-26972`	vulnerable	2026-06-03 14:46:45.444361	Details available Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a URL /cgi-bin endpoint. The URL parameters are not correctly sanitized, leading to reflected XSS. Published: 2022-06-01T11:34:42.000Z Updated: 2024-08-03T05:18:38.461Z Open on db.gcve.eu Reference links https://www.barco.com/en/support/transform-n-management-server https://www.barco.com/en/support/knowledge-base/KB12685	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-26971`	vulnerable	2026-06-03 14:46:45.444044	Details available Barco Control Room Management Suite web application, which is part of TransForm N before 3.14, is exposing a license file upload mechanism. This upload can be executed without authentication. Published: 2022-06-01T11:34:37.000Z Updated: 2024-08-03T05:18:39.263Z Open on db.gcve.eu Reference links https://www.barco.com/en/support/transform-n-management-server https://www.barco.com/en/support/knowledge-base/KB12681	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-26233`	vulnerable	2026-06-03 14:46:41.809124	Details available Barco Control Room Management through Suite 2.9 Build 0275 was discovered to be vulnerable to directory traversal, allowing attackers to access sensitive information and components. Requests must begin with the "GET /..\.." substring. Published: 2022-04-03T22:05:41.000Z Updated: 2024-08-03T04:56:37.891Z Open on db.gcve.eu Reference links http://seclists.org/fulldisclosure/2022/Apr/0 http://packetstormsecurity.com/files/166577/Barco-Control-Room-Management-Suite-Directory-Traversal.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Control Room Management Suite

PURL mappings

Vulnerability references

Contribute