Unauthorized Remote Reboot and Function Execution in Touchpad / Trivum WebTouch Setup V9 V2.53
CVE-2018-13861 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 09:10:14 (FW 303) allows unauthorized remote attackers to reboot or execute other functions via the "/xml/system/control.xml" URL, using the GET request "?action=reboot" for example.
Learn more about our Web App Pen Testing.