Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

29 matches found

Packet Storm
Packet Stormadded 2018/07/26 12:0 a.m.32 views

Trivum Multiroom Setup Tool 8.76 Cross Site Request Forgery

Exploit Title: Trivum Multiroom Setup Tool 8.76 - Corss-Site Request Forgery Admin Bypass Date: 2018-07-25 Software Link: https://world.trivum-shop.de https://world.trivum-shop.de/ Version: 9.34 build 13381 - 12.07.18 Category: hardware, webapps Tested on: V8.76 - SNR 8604.26 - C4 Professional...

0.1AI score0.45461EPSS
Exploits5
0day.today
0day.todayadded 2018/07/26 12:0 a.m.31 views

Trivum Multiroom Setup Tool 8.76 - Cross-Site Request Forgery (Admin Bypass) Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Trivum Multiroom Setup Tool 8.76 - Corss-Site Request Forgery Admin Bypass Date: 2018-07-25 Software Link: https://world.trivum-shop.de https://world.trivum-shop.de/ Version: 9.34 build 13381 - 12.07.18 Category: hardware,...

0.2AI score0.45461EPSS
Exploits5
Exploit DB
Exploit DBadded 2018/07/26 12:0 a.m.233 views

Trivum Multiroom Setup Tool 8.76 - Corss-Site Request Forgery (Admin Bypass)

Exploit Title: Trivum Multiroom Setup Tool 8.76 - Corss-Site Request Forgery Admin Bypass Date: 2018-07-25 Software Link: https://world.trivum-shop.de https://world.trivum-shop.de/ Version: 9.34 build 13381 - 12.07.18 Category: hardware, webapps Tested on: V8.76 - SNR 8604.26 - C4 Professional...

9.8CVSS9.7AI score0.45461EPSS
Exploits5
exploitpack
exploitpackadded 2018/07/26 12:0 a.m.15 views

Trivum Multiroom Setup Tool 8.76 - Corss-Site Request Forgery (Admin Bypass)

Trivum Multiroom Setup Tool 8.76 - Corss-Site Request Forgery Admin Bypass Exploit Title: Trivum Multiroom Setup Tool 8.76 - Corss-Site Request Forgery Admin Bypass Date: 2018-07-25 Software Link: https://world.trivum-shop.de https://world.trivum-shop.de/ Version: 9.34 build 13381 - 12.07.18...

7.5CVSS0.1AI score0.45461EPSS
Exploits5
exploitpack
exploitpackadded 2018/07/20 12:0 a.m.23 views

Touchpad Trivum WebTouch Setup 2.53 build 13163 - Authentication Bypass

Touchpad Trivum WebTouch Setup 2.53 build 13163 - Authentication Bypass Exploit Title: Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 - Unauthorized Authentication Reset Date: 2018-07-20 Software Link: https://world.trivum-shop.de Version: 2.56 build 13381 - 12-07-2018 Category: webapps...

7.5CVSS0.48817EPSS
Exploits3
NVD
NVDadded 2018/07/17 2:29 p.m.8 views

CVE-2018-13858

MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 Professional allows unauthorized remote attackers to reboot or execute other functions via the "/xml/system/control.xml" URL, using the GET request "?action=reboot" for example...

10CVSS9.5AI score0.01509EPSS
Exploits0References1
NVD
NVDadded 2018/07/17 2:29 p.m.8 views

CVE-2018-13859

MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 Professional before V9.34 build 13381 - 12.07.18, allow unauthorized remote attackers to reset the authentication via the "/xml/system/setAttribute.xml" URL, using the GET request "?id=0&attr=protectAccess&newValue=0" a successful...

9.8CVSS9.5AI score0.45461EPSS
Exploits5References3
Prion
Prionadded 2018/07/17 2:29 p.m.10 views

Design/Logic Flaw

Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 09:10:14 FW 303 allows unauthorized remote attackers to reboot or execute other functions via the "/xml/system/control.xml" URL, using the GET request "?action=reboot" for example...

10CVSS9.4AI score0.01777EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2018/07/17 2:29 p.m.10 views

Design/Logic Flaw

MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 Professional allows unauthorized remote attackers to reboot or execute other functions via the "/xml/system/control.xml" URL, using the GET request "?action=reboot" for example...

10CVSS9.4AI score0.01509EPSS
Exploits0References1Affected Software1
NVD
NVDadded 2018/07/17 2:29 p.m.9 views

CVE-2018-13861

Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 09:10:14 FW 303 allows unauthorized remote attackers to reboot or execute other functions via the "/xml/system/control.xml" URL, using the GET request "?action=reboot" for example...

10CVSS9.5AI score0.01777EPSS
Exploits0References1
OSV
OSVadded 2018/07/17 2:29 p.m.1 views

CVE-2018-13861

Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 09:10:14 FW 303 allows unauthorized remote attackers to reboot or execute other functions via the "/xml/system/control.xml" URL, using the GET request "?action=reboot" for example...

9.8CVSS5.9AI score0.01777EPSS
Exploits0References1
Prion
Prionadded 2018/07/17 2:29 p.m.17 views

Cross site request forgery (csrf)

MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 Professional before V9.34 build 13381 - 12.07.18 allows unauthorized remote attackers to obtain sensitive information via the "/xml/menu/getObjectEditor.xml" URL, using a "?oid=systemSetup&id=0" or "?oid=systemUsers&id=0" GET...

5CVSS7.3AI score0.00297EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2018/07/17 2:29 p.m.2 views

CVE-2018-13862

Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 09:10:14 FW 303 allow unauthorized remote attackers to reset the authentication via the "/xml/system/setAttribute.xml" URL, using the GET request "?id=0&attr=protectAccess&newValue=0" a successful attack will allow attackers to...

9.8CVSS5.8AI score0.48817EPSS
Exploits3References3
Prion
Prionadded 2018/07/17 2:29 p.m.18 views

Authorization

MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 Professional before V9.34 build 13381 - 12.07.18, allow unauthorized remote attackers to reset the authentication via the "/xml/system/setAttribute.xml" URL, using the GET request "?id=0&attr=protectAccess&newValue=0" a successful...

7.5CVSS9.5AI score0.45461EPSS
Exploits5References3Affected Software1
NVD
NVDadded 2018/07/17 2:29 p.m.10 views

CVE-2018-13862

Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 09:10:14 FW 303 allow unauthorized remote attackers to reset the authentication via the "/xml/system/setAttribute.xml" URL, using the GET request "?id=0&attr=protectAccess&newValue=0" a successful attack will allow attackers to...

9.8CVSS9.6AI score0.48817EPSS
Exploits3References3
NVD
NVDadded 2018/07/17 2:29 p.m.12 views

CVE-2018-13860

MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 Professional before V9.34 build 13381 - 12.07.18 allows unauthorized remote attackers to obtain sensitive information via the "/xml/menu/getObjectEditor.xml" URL, using a "?oid=systemSetup&id=0" or "?oid=systemUsers&id=0" GET...

7.5CVSS7.4AI score0.00297EPSS
Exploits0References2
OSV
OSVadded 2018/07/17 2:29 p.m.1 views

CVE-2018-13858

MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 Professional allows unauthorized remote attackers to reboot or execute other functions via the "/xml/system/control.xml" URL, using the GET request "?action=reboot" for example...

9.8CVSS5.9AI score0.01509EPSS
Exploits0References1
OSV
OSVadded 2018/07/17 2:29 p.m.2 views

CVE-2018-13860

MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 Professional before V9.34 build 13381 - 12.07.18 allows unauthorized remote attackers to obtain sensitive information via the "/xml/menu/getObjectEditor.xml" URL, using a "?oid=systemSetup&id=0" or "?oid=systemUsers&id=0" GET...

7.5CVSS5.8AI score0.00297EPSS
Exploits0References2
OSV
OSVadded 2018/07/17 2:29 p.m.1 views

CVE-2018-13859

MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 Professional before V9.34 build 13381 - 12.07.18, allow unauthorized remote attackers to reset the authentication via the "/xml/system/setAttribute.xml" URL, using the GET request "?id=0&attr=protectAccess&newValue=0" a successful...

9.8CVSS5.8AI score0.45461EPSS
Exploits5References3
Cvelist
Cvelistadded 2018/07/17 2:0 p.m.11 views

CVE-2018-13858

MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 Professional allows unauthorized remote attackers to reboot or execute other functions via the "/xml/system/control.xml" URL, using the GET request "?action=reboot" for example...

9.6AI score0.01509EPSS
Exploits0References1
Rows per page
Query Builder