Keksec

**Name of the Vulnerable Software and Affected Versions** Prismview System 9 version 11.10.17.00 Prismview Player 11 version 13.09.1100 **Description** The issue allows for remote code execution through the HTTP API by uploading a specific file, RebootSystem.lnk, and then requesting either "/REBOOTSYSTEM" or "/RESTARTVNC" API endpoints. Authentication is required to exploit this issue, but an XML file containing the necessary credentials can be downloaded, potentially simplifying the exploitation process. **Recommendations** For Prismview System 9 version 11.10.17.00, consider disabling the HTTP API or restricting access to the "/REBOOTSYSTEM" and "/RESTARTVNC" API endpoints until a fix is available. For Prismview Player 11 version 13.09.1100, restrict access to the HTTP API, specifically to the "/REBOOTSYSTEM" and "/RESTARTVNC" endpoints, to minimize the risk of exploitation.