CVE-2019-20451

2020-02-1014:39:06

mitre

www.cve.org

9.9 High

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

86.8%

JSON

The HTTP API in Prismview System 9 11.10.17.00 and Prismview Player 11 13.09.1100 allows remote code execution by uploading RebootSystem.lnk and requesting /REBOOTSYSTEM or /RESTARTVNC. (Authentication is required but an XML file containing credentials can be downloaded.)

References

www.exploit-db.com/papers/47535