Vulnerabilities > Barco > Clickshare CSE 200 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-17 | CVE-2019-18825 | Unspecified vulnerability in Barco products Barco ClickShare Huddle CS-100 devices before 1.9.0 and CSE-200 devices before 1.9.0 have incorrect Credentials Management. | 5.0 |
| 2019-12-16 | CVE-2019-18831 | Use of Hard-coded Credentials vulnerability in Barco products Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information Exposure. | 3.5 |
| 2019-12-16 | CVE-2019-18830 | OS Command Injection vulnerability in Barco products Barco ClickShare Button R9861500D01 devices before 1.9.0 allow OS Command Injection. | 10.0 |
| 2019-12-16 | CVE-2019-18828 | Weak Password Requirements vulnerability in Barco products Barco ClickShare Button R9861500D01 devices before 1.9.0 have Insufficiently Protected Credentials. | 7.2 |
| 2019-12-16 | CVE-2019-18827 | Improper Input Validation vulnerability in Barco products On Barco ClickShare Button R9861500D01 devices (before firmware version 1.9.0) JTAG access is disabled after ROM code execution. | 4.3 |
| 2019-12-16 | CVE-2019-18826 | Improper Certificate Validation vulnerability in Barco products Barco ClickShare Button R9861500D01 devices before 1.9.0 have Improper Following of a Certificate's Chain of Trust. | 7.5 |
| 2018-07-10 | CVE-2018-10943 | Improper Input Validation vulnerability in Barco products An issue was discovered on Barco ClickShare CSE-200 and CS-100 Base Units with firmware before 1.6.0.3. | 7.8 |
| 2017-01-12 | CVE-2016-3151 | Path Traversal vulnerability in Barco products Directory traversal vulnerability in the wallpaper parsing functionality in Barco ClickShare CSC-1 devices with firmware before 01.09.03, CSM-1 devices with firmware before 01.06.02, and CSE-200 devices with firmware before 01.03.02 allows remote attackers to read /etc/shadow via unspecified vectors. | 5.0 |
| 2017-01-12 | CVE-2016-3150 | Cross-site Scripting vulnerability in Barco products Cross-site scripting (XSS) vulnerability in wallpaper.php in the Base Unit in Barco ClickShare CSC-1 devices with firmware before 01.09.03, CSM-1 devices with firmware before 01.06.02, and CSE-200 devices with firmware before 01.03.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |