CVE-2022-26973 Information

Description

Barco Control Room Management Suite web application which is part of TransForm N before 3.14 is exposing a license file upload mechanism. By tweaking the license file name the returned error message exposes internal directory path details.

Reference

https://www.barco.com/en/support/knowledge-base/KB12678 https://www.barco.com/en/support/transform-n-management-server