Christopher Campbell

**Name of the Vulnerable Software and Affected Versions** Mutiny Standard versions prior to 4.5-1.12 **Description** The issue allows remote attackers to execute arbitrary commands via the network-interface menu, related to a command injection vulnerability. **Recommendations** For versions prior to 4.5-1.12, update to version 4.5-1.12 or later to resolve the issue. As a temporary workaround, consider restricting access to the network-interface menu until a patch is available.

**Name of the Vulnerable Software and Affected Versions** CoSoSys Endpoint Protector version 4 **Description** The issue allows remote attackers to gain access via a brute-force attack because the EPProot password is based entirely on the appliance serial number. **Recommendations** For CoSoSys Endpoint Protector version 4, consider changing the EPProot password to a strong, unique value that does not rely on the appliance serial number to prevent brute-force attacks.

**Name of the Vulnerable Software and Affected Versions** LG-Nortel ELO GS24M switch (affected versions not specified) **Description** The issue concerns the web management interface of the switch, which allows remote attackers to bypass authentication. This can lead to the exposure of cleartext credential and configuration information. The attack can be performed by making a direct request to a configuration web page. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.