{"api_version":"1","generated_at":"2026-04-23T11:35:23+00:00","cve":"CVE-2022-26233","urls":{"html":"https://cve.report/CVE-2022-26233","api":"https://cve.report/api/cve/CVE-2022-26233.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-26233","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-26233"},"summary":{"title":"CVE-2022-26233","description":"Barco Control Room Management through Suite 2.9 Build 0275 was discovered to be vulnerable to directory traversal, allowing attackers to access sensitive information and components. Requests must begin with the \"GET /..\\..\" substring.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2022-04-03 23:15:00","updated_at":"2022-04-11 17:45:00"},"problem_types":["CWE-22"],"metrics":[],"references":[{"url":"http://seclists.org/fulldisclosure/2022/Apr/0","name":"http://seclists.org/fulldisclosure/2022/Apr/0","refsource":"MISC","tags":[],"title":"Full Disclosure: CVE-2022-26233: Barco Control Room Management Suite File Path Traversal Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://packetstormsecurity.com/files/166577/Barco-Control-Room-Management-Suite-Directory-Traversal.html","name":"http://packetstormsecurity.com/files/166577/Barco-Control-Room-Management-Suite-Directory-Traversal.html","refsource":"MISC","tags":[],"title":"Barco Control Room Management Suite Directory Traversal ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-26233","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-26233","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"26233","vulnerable":"1","versionEndIncluding":"2.9","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"barco","cpe5":"control_room_management_suite","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2022-26233","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Barco Control Room Management through Suite 2.9 Build 0275 was discovered to be vulnerable to directory traversal, allowing attackers to access sensitive information and components. Requests must begin with the \"GET /..\\..\" substring."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"http://seclists.org/fulldisclosure/2022/Apr/0","url":"http://seclists.org/fulldisclosure/2022/Apr/0"},{"refsource":"MISC","name":"http://packetstormsecurity.com/files/166577/Barco-Control-Room-Management-Suite-Directory-Traversal.html","url":"http://packetstormsecurity.com/files/166577/Barco-Control-Room-Management-Suite-Directory-Traversal.html"}]}},"nvd":{"publishedDate":"2022-04-03 23:15:00","lastModifiedDate":"2022-04-11 17:45:00","problem_types":["CWE-22"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":7.5,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5},"severity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:barco:control_room_management_suite:*:*:*:*:*:*:*:*","versionEndIncluding":"2.9","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}