Jürgen Bilberger

**Nome do software vulnerável e versões afetadas** Versões do LPAR2RRD ≤ 4.53 e ≤ 3.5 **Descrição** O problema diz respeito à injeção arbitrária de comandos no servidor de aplicativos. **Recomendações** Para as versões ≤ 4.53 e ≤ 3.5, no momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** Avigilon Control Center (ACC) versions 4.0.0 through 4.12.0.53 Avigilon Control Center (ACC) versions 5.0.0 through 5.4.2.21 **Description** A directory traversal issue allows remote attackers to read arbitrary files by crafting a help/ URL. **Recommendations** For Avigilon Control Center (ACC) versions 4.0.0 through 4.12.0.53, update to version 4.12.0.54 or later. For Avigilon Control Center (ACC) versions 5.0.0 through 5.4.2.21, update to version 5.4.2.22 or later.

**Name of the Vulnerable Software and Affected Versions** IntraVUE versions prior to 2.3.0a14 **Description** The issue exists due to the program's failure to neutralize special elements used in an operating system command. This allows a remote attacker to execute arbitrary OS commands. **Recommendations** For versions prior to 2.3.0a14, update to version 2.3.0a14 or later to resolve the issue.