cbcvebase.
CVE-2019-18828
published 2019-12-16

CVE-2019-18828: Barco ClickShare Button R9861500D01 devices before 1.9.0 have Insufficiently Protected Credentials. The root account (present for access via debug interfaces…

PriorityP431medium6.8CVSS 3.1
AVPACLPRNUINSUCHIHAH
EPSS
0.38%
29.6th percentile
Barco ClickShare Button R9861500D01 devices before 1.9.0 have Insufficiently Protected Credentials. The root account (present for access via debug interfaces, which are by default not enabled on production devices) of the embedded Linux on the ClickShare Button is using a weak password.

Affected

4 ranges
VendorProductVersion rangeFixed in
barcoclickshare_cs-100_firmware< 1.9.01.9.0
barcoclickshare_cse-200_+_firmware< 1.9.01.9.0
barcoclickshare_cse-200_firmware< 1.9.01.9.0
barcoclickshare_cse-800_firmware< 1.9.01.9.0

CVSS provenance

nvdv3.16.8MEDIUMCVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.