Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Barco MirrorOp Windows Sender before 2.5.3.65 uses cleartext HTTP and thus allows rogue software upgrades. An attacker on the local network can achieve remote code execution on any computer that tries to update Windows Sender due to the fact that the upgrade mechanism is not secured (is not protected with TLS).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Barco MirrorOp Windows Sender 代码注入漏洞
Vulnerability Description
Barco MirrorOp Windows Sender是用于 wePresent 系统的镜像软件应用程序。 Barco MirrorOp Windows Sender 2.5.3.65之前版本存在安全漏洞,该漏洞源于软件使用明文HTTP,因此允许恶意软件升级。由于升级机制不安全(不受TLS保护),本地网络上的攻击者利用该漏洞可以在任何试图更新Windows Sender的计算机上实现远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A