Command Injection Vulnerability in Barco TransForm N Solutions
CVE-2020-17500

9.8CRITICAL

Key Information:

Vendor: Barco
Status: Transform N
Vendor: CVE Published:; 7 January 2021

What is CVE-2020-17500?

The Barco TransForm NDN-210 Lite, NDN-210 Pro, NDN-211 Lite, and NDN-211 Pro products before version 3.8 are susceptible to a command injection vulnerability. This flaw allows an attacker to exploit the web administration panel via basic authentication, leading to potential unauthorized remote code execution through crafted username and password input. Upgrading to TransForm N version 3.8 or later is essential to mitigate this risk.