Ankit Anubhav

**Name of the Vulnerable Software and Affected Versions** ENTTEC Datagate MK2 versions prior to 70044 ENTTEC Storm 24 versions prior to 70050 ENTTEC Pixelator versions prior to 70060 **Description** The issue allows an unauthenticated user to initiate a remote reboot, which may be used to cause a denial of service condition. **Recommendations** For ENTTEC Datagate MK2 versions prior to 70044, update to version 70044 or later. For ENTTEC Storm 24 versions prior to 70050, update to version 70050 or later. For ENTTEC Pixelator versions prior to 70060, update to version 70060 or later.

**Name of the Vulnerable Software and Affected Versions** Circontrol CirCarLife versions prior to 4.3.1 **Description** The issue allows authentication to the device to be bypassed by entering the URL of a specific page. **Recommendations** For versions prior to 4.3.1, update to version 4.3.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Huawei HG products (affected versions not specified) **Description** The issue is related to an information leak vulnerability in Huawei HG products. This vulnerability can be exploited by an attacker to obtain unauthorized access to protected data on the device. The vulnerability is associated with errors in the security mechanisms of the device's software. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Tec4Data SmartCooler versions prior to 180806 **Description** The device is susceptible to a remote unauthenticated reboot command, which can be utilized to perform a denial of service attack. **Recommendations** For versions prior to 180806, update the firmware to version 180806 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Davolink DVW-3200N versions prior to 1.00.06 **Description** The device generates a weak password hash that can be easily cracked, allowing a remote attacker to obtain the device's password. **Recommendations** For versions prior to 1.00.06, update to version 1.00.06 or later to resolve the issue. As a temporary workaround, consider changing the device's password to a strong and unique one, and restrict access to the device until the update is applied.