Vulnerabilities > CVE-2018-13862 - Unspecified vulnerability in Trivum Webtouch Setup V9 Firmware 2.53
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 09:10:14 (FW 303) allow unauthorized remote attackers to reset the authentication via the "/xml/system/setAttribute.xml" URL, using the GET request "?id=0&attr=protectAccess&newValue=0" (a successful attack will allow attackers to login without authorization).
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 | |
| Hardware | 1 |
Exploit-Db
| description | Touchpad / Trivum WebTouch Setup 2.53 build 13163 - Authentication Bypass. CVE-2018-13862. Webapps exploit for Hardware platform. Tags: Authentication Bypass... |
| file | exploits/hardware/webapps/45063.txt |
| id | EDB-ID:45063 |
| last seen | 2018-07-24 |
| modified | 2018-07-20 |
| platform | hardware |
| port | |
| published | 2018-07-20 |
| reporter | Exploit-DB |
| source | https://www.exploit-db.com/download/45063/ |
| title | Touchpad / Trivum WebTouch Setup 2.53 build 13163 - Authentication Bypass |
| type | webapps |