RSS   Vulnerabilities for 'Player 11'   RSS

2020-02-10
 
CVE-2019-20451

CWE-434
 

 
The HTTP API in Prismview System 9 11.10.17.00 and Prismview Player 11 13.09.1100 allows remote code execution by uploading RebootSystem.lnk and requesting /REBOOTSYSTEM or /RESTARTVNC. (Authentication is required but an XML file containing credentials can be downloaded.)

 

 >>> Vendor: Prismview 2 Products
Player 11
System 9


Copyright 2024, cxsecurity.com

 

Back to Top