Vulnerabilities > CVE-2018-13861 - Unspecified vulnerability in Trivum Webtouch Setup V9 Firmware 2.53

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
trivum
critical

Summary

Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 09:10:14 (FW 303) allows unauthorized remote attackers to reboot or execute other functions via the "/xml/system/control.xml" URL, using the GET request "?action=reboot" for example.

Vulnerable Configurations

Part Description Count
OS
Trivum
1
Hardware
Trivum
1