Fernando Miranda

**Nome do software vulnerável e versões afetadas: Câmera IP FOSCAM FI8620 (versões afetadas não especificadas) Descrição: Existe uma falha devido a restrições de acesso insuficientes nos diretórios `/tmpfs/` e `/log/`, o que poderia permitir que um usuário mal-intencionado obtivesse informações confidenciais. Recomendações: No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Nome do software vulnerável e versões afetadas: Câmeras IP Zavio, versões 1.6.03 e anteriores Descrição: Existe uma falha de contorno de autenticação na interface web das câmeras IP Zavio devido a uma conta de administrador codificada no arquivo boa.conf. Isso permite que um usuário mal-intencionado remoto obtenha informações confidenciais. Recomendações: Para as versões 1.6.03 e anteriores, considere desativar a interface web até que um patch esteja disponível para impedir a exploração da conta de administrador codificada. Restrinja o acesso ao arquivo boa.conf para minimizar o risco de divulgação de informações confidenciais. Evite usar a conta de administrador padrão nas câmeras IP Zavio afetadas até que o problema seja resolvido.

**Name of the Vulnerable Software and Affected Versions** Vivotek IP Cameras (affected versions not specified) **Description** The issue concerns a remote authentication bypass in Vivotek IP Cameras, which could allow unauthorized access to the video stream. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SAP Router versions prior to 721 patch 118 SAP Router versions prior to 720 patch 412 SAP Router versions prior to 710 patch 030 **Description** The issue allows remote attackers to obtain passwords via a brute-force attack that relies on timing differences in responses to incorrect password guesses, also known as a timing side-channel attack. This occurs because the `passwordCheck` function terminates validation of a Route Permission Table entry password upon encountering the first incorrect character. **Recommendations** For SAP Router version 721 patch 117 and earlier, update to version 721 patch 118 or later. For SAP Router version 720 patch 411 and earlier, update to version 720 patch 412 or later. For SAP Router version 710 patch 029 and earlier, update to version 710 patch 030 or later.

**Name of the Vulnerable Software and Affected Versions** IcoFX versions 2.5 and earlier **Description** The issue allows remote attackers to execute arbitrary code via a long `idCount` value in an `ICONDIR` structure in an ICO file. This is a stack-based buffer overflow. **Recommendations** For IcoFX versions 2.5 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Artweaver versions prior to 3.1.6 **Description** The issue is related to a buffer overflow that can be triggered by a crafted AWD file, potentially allowing remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. **Recommendations** For versions prior to 3.1.6, update to version 3.1.6 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Ubiquiti UBNT AirCam with airVision firmware versions prior to 1.1.6 **Description** The issue is related to a buffer overflow in the ubnt-streamer RTSP service. This occurs when a long rtsp: URI is sent in a DESCRIBE request, allowing remote attackers to execute arbitrary code. **Recommendations** For versions prior to 1.1.6, update the airVision firmware to version 1.1.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the RTSP service to minimize the risk of exploitation.