CVE-2019-20451

2020-02-10T15:15:00
ID CVE-2019-20451
Type cve
Reporter cve@mitre.org
Modified 2020-02-18T20:04:00

Description

The HTTP API in Prismview System 9 11.10.17.00 and Prismview Player 11 13.09.1100 allows remote code execution by uploading RebootSystem.lnk and requesting /REBOOTSYSTEM or /RESTARTVNC. (Authentication is required but an XML file containing credentials can be downloaded.)