Barco TransForm NDN-210 Pro
Approved changes feed: RSS · Atom
cpe:2.3:h:barco:transform_ndn-210_pro:-:*:*:*:*:*:*:*
part: h version: - update: *
| Vendor | Barco (3c3a5404-c880-50a8-8ef3-15e93251f6e5) |
|---|---|
| Product | Transform Ndn 210 Pro (24b7d434-3528-5087-9aa5-745f265a95ce) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2020-17504 |
not_vulnerable | 2026-06-03 14:41:54.263330 |
Details available
The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in ngpsystemcmd.php in which the http parameters "x_modules" and "y_modules" are not properly handled. The NDN-210 is part of Barco TransForm N solution and this vulnerability is patched from TransForm N version 3.8 onwards.
Published: 2021-01-08T17:19:24.000Z
Updated: 2024-08-04T14:00:48.658Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-17503 |
not_vulnerable | 2026-06-03 14:41:54.262772 |
Details available
The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authenticated remote code execution. An issue exists in split_card_cmd.php in which the http parameter "locking" is not properly handled. The NDN-210 is part of Barco TransForm N solution and this vulnerability is patched from TransForm N version 3.8 onwards.
Published: 2021-01-08T17:17:37.000Z
Updated: 2024-08-04T14:00:47.519Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-17502 |
not_vulnerable | 2026-06-03 14:41:54.262110 |
Details available
Barco TransForm N before 3.8 allows Command Injection (issue 2 of 4). The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users of the administration panel to perform authenticated remote code execution. An issue exists in split_card_cmd.php in which the http parameters xmodules, ymodules and savelocking are not properly handled. The NDN-210 is part of Barco TransForm N solution and includes the patch from TransForm N version 3.8 onwards.
Published: 2021-01-08T17:15:57.000Z
Updated: 2024-08-04T14:00:47.544Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-17500 |
not_vulnerable | 2026-06-03 14:41:54.258551 |
Details available
Barco TransForm NDN-210 Lite, NDN-210 Pro, NDN-211 Lite, and NDN-211 Pro before 3.8 allows Command Injection (issue 1 of 4). The NDN-210 has a web administration panel which is made available over https. The logon method is basic authentication. There is a command injection issue that will result in unauthenticated remote code execution in the username and password fields of the logon prompt. The NDN-210 is part of Barco TransForm N solution and includes the patch from TransForm N version 3.8 onwards.
Published: 2021-01-07T20:51:12.000Z
Updated: 2024-08-04T14:00:47.546Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.