CVE-2019-18830
EUVD-2019-853216.12.2019, 17:15
Barco ClickShare Button R9861500D01 devices before 1.9.0 allow OS Command Injection. The embedded 'dongle_bridge' program used to expose the functionalities of the ClickShare Button to a USB host, is vulnerable to OS command injection vulnerabilities. These vulnerabilities could lead to code execution on the ClickShare Button with the privileges of the user 'nobody'.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| barco | clickshare_cs-100_firmware | 𝑥 < 1.9.0 |
| barco | clickshare_cse-200_firmware | 𝑥 < 1.9.0 |
| barco | clickshare_cse-200\+_firmware | 𝑥 < 1.9.0 |
| barco | clickshare_cse-800_firmware | 𝑥 < 1.9.0 |
𝑥
= Vulnerable software versions
References