MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 Professional before V9.34 build 13381 - 12.07.18 allows unauthorized remote attackers to obtain sensitive information via the "/xml/menu/getObjectEditor.xml" URL, using a "?oidsystemSetup&id_0" or "?oidsystemUsers&id_0" GET request.
Publication date: Tue, 17 Jul 2018 19:29:00 +0000