Directory Traversal Vulnerability in Barco ClickShare Products
CVE-2016-3151

7.5HIGH

Key Information:

Vendor: Barco
Status: Clickshare Csc-1 Firmware
Vendor: CVE Published:; 12 January 2017

What is CVE-2016-3151?

A directory traversal vulnerability exists in the wallpaper parsing functionality of Barco ClickShare devices, specifically impacting CSC-1 devices with firmware versions prior to 01.09.03, CSM-1 devices before 01.06.02, and CSE-200 devices with firmware before 01.03.02. This flaw allows remote attackers to exploit unspecified vectors to access sensitive files, such as the /etc/shadow file. Such unauthorized access can lead to significant security risks, exposing encrypted user credentials and potentially enabling further attacks.