A vulnerability was found in ST Engineering iDirect Evolution iQ-Series terminals, 3315-Series and 9-Series Terminals up to 4.5.2.1. It has been classified as problematic. This impacts the function reboot of the file /api/reboot of the component API endpoint. Performing a manipulation of the argument SameSite results in cross-site request forgery.

This vulnerability is cataloged as CVE-2026-38057. It is possible to initiate the attack remotely. There is no exploit available.