John Kotheimer

**Name of the Vulnerable Software and Affected Versions** ZModo ZP-NE14-S and ZP-IBH-13W devices (affected versions not specified) **Description** The issue concerns a hardcoded root password, making it easier for remote attackers to gain access via a TELNET session. **Recommendations** For ZModo ZP-NE14-S and ZP-IBH-13W devices, consider changing the hardcoded root password to a unique and strong password as a temporary workaround. Restrict access to TELNET sessions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ZModo ZP-NE14-S and ZP-IBH-13W devices (affected versions not specified) **Description** The issue concerns a lack of enforcement of a WPA2 configuration setting, allowing remote attackers to trigger association with an arbitrary access point by using a recognized SSID value. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.