Diconium

**Name of the Vulnerable Software and Affected Versions** lighttpd (affected versions not specified) **Description** An unauthenticated remote attacker can send a crafted HTTP request containing an overly long SESSIONID cookie. This can trigger a stack buffer overflow in the lighttpd server, potentially causing it to crash and enabling remote code execution due to missing stack protections. The vulnerability is present in a modified version of the lighttpd server. The `SESSIONID` cookie is a vulnerable parameter. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** lighttpd (affected versions not specified) WAGO 0852-1322 (affected versions not specified) **Description** An issue exists where improper length handling during the parsing of multiple cookie fields, including the TRACKID field, can allow an unauthenticated remote attacker to send oversized cookie values. This can trigger a stack buffer overflow, potentially leading to a denial-of-service condition and possible remote code execution. The vulnerability affects devices that process cookies without proper size validation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** versions prior to 2026-22905 **Description** An unauthenticated remote attacker can bypass authentication due to insufficient URI validation. This allows exploitation through path traversal sequences, such as `/js/../cgi-bin/post.cgi`, to gain unauthorized access to protected CGI endpoints and configuration downloads. A path traversal attack exploits a flaw in an application's handling of user-supplied file paths, enabling attackers to access files and directories outside the intended web root. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WAGO 0852-1322 (affected versions not specified) **Description** User credentials are stored using AES-ECB encryption with a hardcoded key. An unauthenticated remote attacker obtaining the configuration file can decrypt and recover plaintext usernames and passwords. This is especially concerning when combined with an authentication bypass. The issue poses a critical cybersecurity risk, particularly for organizations in the European Union's industrial sector. **Recommendations** Restrict access to the configuration file. Monitor for unauthorized access attempts. At the moment, there is no information about a newer version that contains a fix for this vulnerability.