Ivan Almuina

**Name of the Vulnerable Software and Affected Versions** Swisscom Centro Grande (ADB) DSL routers versions prior to 6.14.00 **Description** The issue concerns the certificate verification functions in the HNDS service, allowing remote attackers to access management functions. **Recommendations** For versions prior to 6.14.00, update the firmware to version 6.14.00 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** FuseTalk versions (affected versions not specified) **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The affected parameters are `FTVAR LINKP` and `FTVAR URLP` in the `/forum/include/error/autherror.cfm` endpoint, and the `FTVAR SCRIPTRUN` parameter in the `/forum/include/common/comfinish.cfm` and `/blog/include/common/comfinish.cfm` endpoints. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.