CVE-2020-17500: Barco TransForm NDN-210 Lite, NDN-210 Pro, NDN-211 Lite, and NDN-211 Pro before 3.8 allows Command Injection (issue 1 of
criticalvulnerability
security
Summary
Barco TransForm NDN-210 and NDN-211 devices before version 3.8 have a command injection vulnerability (a flaw that lets attackers run unauthorized commands) in their web login page that allows unauthenticated remote code execution (an attacker can run commands on the device without logging in) through the username and password fields. The vulnerability affects multiple device models across the Barco TransForm N solution.
Solution / Mitigation
Update to TransForm N version 3.8 or later, which includes the patch for this issue.
Vulnerability Details
CVSS Score
9.8(critical)
EPSS (30-day exploit probability)
EPSS: 4.5%
Classification
Attack SophisticationModerate
Original source: https://nvd.nist.gov/vuln/detail/CVE-2020-17500
First tracked: February 15, 2026 at 08:52 PM
Classified by LLM (prompt v3) · confidence: 95%