CVE-2022-26233: Path Traversal
First published: Sun Apr 03 2022(Updated: )
Barco Control Room Management through Suite 2.9 Build 0275 was discovered to be vulnerable to directory traversal, allowing attackers to access sensitive information and components. Requests must begin with the "GET /..\.." substring.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Barco Control Room Management Suite | <=2.9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-26233?
CVE-2022-26233 is a vulnerability in Barco Control Room Management Suite 2.9 Build 0275 that allows directory traversal, enabling attackers to access sensitive information and components.
What is the severity of CVE-2022-26233?
CVE-2022-26233 has a severity level of high with a CVSS score of 7.5.
How does CVE-2022-26233 affect Barco Control Room Management Suite?
CVE-2022-26233 affects Barco Control Room Management Suite 2.9 Build 0275, allowing directory traversal and exposing sensitive information and components.
How can an attacker exploit CVE-2022-26233?
An attacker can exploit CVE-2022-26233 by sending requests with the "GET /..\.." substring to access files outside of the intended directory.
Is there a fix for CVE-2022-26233?
Yes, ensure that you are using a patched version of Barco Control Room Management Suite to fix CVE-2022-26233.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/barco
- canonical/barco control room management suite
- version/barco control room management suite/2.9