Barco ClickShare Button R9861500D01 devices before 1.9.0 allow OS Command Injection. The embedded 'dongle_bridge' program used to expose the functionalities of the ClickShare Button to a USB host, is vulnerable to OS command injection vulnerabilities. These vulnerabilities could lead to code execution on the ClickShare Button with the privileges of the user 'nobody'.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-12-16T16:19:45
Updated: 2019-12-16T16:19:56
Reserved: 2019-11-07T00:00:00
Link: CVE-2019-18830
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-12-16T17:15:12.080
Modified: 2019-12-23T18:11:44.480
Link: CVE-2019-18830
JSON object: View
Redhat Information
No data.
CWE