Vulnerability Details CVE-2017-9377
A command injection was identified on Barco ClickShare Base Unit devices with CSM-1 firmware before 1.7.0.3 and CSC-1 firmware before 1.10.0.10. An attacker with access to the product's web API can exploit this vulnerability to completely compromise the vulnerable device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.06
EPSS Ranking 90.1%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
References
- http://www.securityfocus.com/bid/101617
- https://www.barco.com/en/Support/software/R33050037
- https://www.barco.com/en/support/software/R33050020
- https://www.contextis.com/resources/advisories/cve-2017-9377
- http://www.securityfocus.com/bid/101617
- https://www.barco.com/en/Support/software/R33050037
- https://www.barco.com/en/support/software/R33050020
- https://www.contextis.com/resources/advisories/cve-2017-9377
Products affected by CVE-2017-9377
-
cpe:2.3:h:barco:clickshare_csc-1:-
-
cpe:2.3:h:barco:clickshare_csm-1:-
-
cpe:2.3:o:barco:clickshare_csc-1_firmware:01.09.02.03
-
cpe:2.3:o:barco:clickshare_csc-1_firmware:01.09.05.02
-
cpe:2.3:o:barco:clickshare_csm-1_firmware:01.06.01.04
-
cpe:2.3:o:barco:clickshare_csm-1_firmware:01.06.03.05