Antoine Neuenschwander

**Name of the Vulnerable Software and Affected Versions** Hangzhou Luoping Smart Locker (affected versions not specified) **Description** The issue concerns a predictable nonce used in the locking protocol of Hangzhou Luoping Smart Locker, which is utilized by oBike to lock bicycles. This predictability allows attackers to bypass the locking mechanism by using Bluetooth Low Energy (BLE) to replay ciphertext. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Genexis B.V. GAPS versions up to 7.2 **Description** The issue allows for the forgery of valid `chk` values for any given MAC address, enabling the reception of configuration settings of other subscribers' CPEs. These settings often contain sensitive information, such as credentials (`username`/`password`) for VoIP services. **Recommendations** For Genexis B.V. GAPS versions up to 7.2, update to a version later than 7.2 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** AdNovum nevisAuth versions 4.13.0.0 through 4.18.3.0 **Description** The issue concerns the SAML 2.0 implementation when using SAML POST-Binding. It does not properly match all attributes of the X.509 certificate embedded in the assertion against the certificate from the identity provider (IdP). This allows remote attackers to inject arbitrary SAML assertions via a crafted certificate. **Recommendations** For AdNovum nevisAuth versions 4.13.0.0 through 4.18.3.0, update to version 4.18.3.1 or later to resolve the issue.