Vulnerabilities > CVE-2018-13861 - Unspecified vulnerability in Trivum Webtouch Setup V9 Firmware 2.53

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

trivum

critical

NVD

Published: 2018-07-17

Updated: 2024-11-21

Summary

Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 09:10:14 (FW 303) allows unauthorized remote attackers to reboot or execute other functions via the "/xml/system/control.xml" URL, using the GET request "?action=reboot" for example.

Vulnerable Configurations

Part	Description	Count
OS	Trivum Trivum Webtouch Setup V9 Firmware 2.53	1
Hardware	Trivum Trivum Webtouch Setup V9 -	1

References

https://vulncode.com/advisory/CVE-2018-13861
https://vulncode.com/advisory/CVE-2018-13861