Francisco Javier Medina Munuera

**Name of the Vulnerable Software and Affected Versions** Advanced IP Scanner (affected versions not specified) Advanced Port Scanner (affected versions not specified) **Description** The issue involves the unauthorized exposure of confidential information when the applications initiate a network scan, sending the NTLM hash of the user performing the scan. This can be exploited by intercepting network traffic to a legitimate server or by setting up a fake server, affecting both local and remote scenarios, and is relevant for both HTTP/HTTPS and SMB protocols. **Recommendations** For Advanced IP Scanner, consider restricting the use of the network scan feature until a fix is available. For Advanced Port Scanner, avoid using the network scan functionality until the issue is resolved. As a temporary workaround, consider disabling the network scan feature in both applications to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** IBERMATICA RPS 2019 (affected versions not specified) **Description** The issue allows an unauthenticated user to retrieve sensitive information, such as usernames, IP addresses, or SQL queries sent to the application. This is achieved by accessing the URL "/RPS2019Service/status.html", which enables the logging mechanism and generates a log file that can be downloaded. **Recommendations** As a temporary workaround, consider restricting access to the "/RPS2019Service/status.html" endpoint until a patch is available. Avoid using the logging mechanism in the application until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IBERMATICA RPS version 2019 **Description** A cryptographic issue has been found, allowing an attacker to download a log file and retrieve SQL queries sent to the application in plain text. The log file contains password hashes coded with the AES-CBC-128 bits algorithm, which can be decrypted using a .NET function to obtain the username's password in plain text. **Recommendations** For IBERMATICA RPS version 2019, consider restricting access to the log file to prevent unauthorized downloads, and avoid using the .NET function to decrypt password hashes until a patch is available. As a temporary workaround, consider implementing additional security measures to protect password hashes, such as using a more secure encryption algorithm or hashing method. At the moment, there is no information about a newer version that contains a fix for this vulnerability.