Jonás Ropero Castillo

**Name of the Vulnerable Software and Affected Versions** AirLive WL2600CAM (affected versions not specified) **Description** The issue allows remote attackers to obtain the administrator password. This is achieved through the `cgi-bin/operator/param` endpoint, specifically by utilizing a list action. **Recommendations** For AirLive WL2600CAM, consider restricting access to the `cgi-bin/operator/param` endpoint until a patch is available. As a temporary workaround, limit the exposure of the device to the internet to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** AirLive POE2600HD, POE250HD, POE200HD, OD-325HD, OD-2025HD, OD-2060HD, POE100HD (affected versions not specified) **Description** The issue concerns the storage of sensitive information in cleartext, allowing attackers to obtain passwords, user names, and other sensitive data by reading an unspecified backup file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Brickcom FB-100Ap versions 3.0.6.16C1 and earlier Brickcom WCB-100Ap versions 3.0.6.16C1 and earlier Brickcom MD-100Ap versions 3.0.6.16C1 and earlier Brickcom WFB-100Ap versions 3.0.6.16C1 and earlier Brickcom OB-100Ae versions 3.0.6.16C1 and earlier Brickcom OSD-040E versions 3.0.6.16C1 and earlier **Description** The issue allows remote attackers to obtain sensitive information, including user names, passwords, and configurations, by accessing the configfile.dump file via a get action. This is due to improper access restrictions. **Recommendations** For Brickcom FB-100Ap version 3.0.6.16C1 and earlier, update to a version later than 3.0.6.16C1. For Brickcom WCB-100Ap version 3.0.6.16C1 and earlier, update to a version later than 3.0.6.16C1. For Brickcom MD-100Ap version 3.0.6.16C1 and earlier, update to a version later than 3.0.6.16C1. For Brickcom WFB-100Ap version 3.0.6.16C1 and earlier, update to a version later than 3.0.6.16C1. For Brickcom OB-100Ae version 3.0.6.16C1 and earlier, update to a version later than 3.0.6.16C1. For Brickcom OSD-040E version 3.0.6.16C1 and earlier, update to a version later than 3.0.6.16C1.

**Name of the Vulnerable Software and Affected Versions** AirLive POE2600HD, POE250HD, POE200HD, OD-325HD, OD-2025HD, OD-2060HD, POE100HD (affected versions not specified) **Description** A cross-site request forgery (CSRF) issue exists in the cgi-bin/admin/usrgrp.cgi file. This allows remote attackers to hijack the authentication of administrators for requests that add users. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** AirLive WL2600CAM (affected versions not specified) **Description** A directory traversal issue exists in the cgi-bin/admin/fileread endpoint, allowing remote attackers to read arbitrary files by including a .. (dot dot) in the `READ.filePath` parameter. **Recommendations** For AirLive WL2600CAM, restrict access to the cgi-bin/admin/fileread endpoint until a fix is available. As a temporary workaround, consider disabling the use of the `READ.filePath` parameter in the affected endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Samsung SHR-5162 Samsung SHR-5082 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the PATH INFO. This could potentially lead to unauthorized access or control of the affected system. **Recommendations** For Samsung SHR-5162, update to a version that fixes this issue. For Samsung SHR-5082, update to a version that fixes this issue. As a temporary workaround, consider restricting access to the PATH INFO to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Brickcom FB-100Ap versions 3.1.0.8 and earlier Brickcom WCB-100Ap versions 3.1.0.8 and earlier Brickcom MD-100Ap versions 3.1.0.8 and earlier Brickcom WFB-100Ap versions 3.1.0.8 and earlier Brickcom OB-100Ae versions 3.1.0.8 and earlier Brickcom OSD-040E versions 3.1.0.8 and earlier **Description** A cross-site request forgery (CSRF) issue exists in the cgi-bin/users.cgi file, allowing remote attackers to hijack the authentication of administrators for requests that add users. **Recommendations** For Brickcom FB-100Ap version 3.1.0.8 and earlier, update the firmware to a version later than 3.1.0.8. For Brickcom WCB-100Ap version 3.1.0.8 and earlier, update the firmware to a version later than 3.1.0.8. For Brickcom MD-100Ap version 3.1.0.8 and earlier, update the firmware to a version later than 3.1.0.8. For Brickcom WFB-100Ap version 3.1.0.8 and earlier, update the firmware to a version later than 3.1.0.8. For Brickcom OB-100Ae version 3.1.0.8 and earlier, update the firmware to a version later than 3.1.0.8. For Brickcom OSD-040E version 3.1.0.8 and earlier, update the firmware to a version later than 3.1.0.8.

**Name of the Vulnerable Software and Affected Versions** Grandstream GXV3501 versions prior to 1.0.4.44 Grandstream GXV3504 versions prior to 1.0.4.44 Grandstream GXV3601 versions prior to 1.0.4.44 Grandstream GXV3601HD/LL versions prior to 1.0.4.44 Grandstream GXV3611HD/LL versions prior to 1.0.4.44 Grandstream GXV3615W/P versions prior to 1.0.4.44 Grandstream GXV3651FHD versions prior to 1.0.4.44 Grandstream GXV3662HD versions prior to 1.0.4.44 Grandstream GXV3615WP HD versions prior to 1.0.4.44 Grandstream GXV3500 versions prior to 1.0.4.44 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the `PATH INFO`. This could potentially lead to unauthorized access or control of the affected devices. **Recommendations** For Grandstream GXV3501, update to firmware version 1.0.4.44 or later. For Grandstream GXV3504, update to firmware version 1.0.4.44 or later. For Grandstream GXV3601, update to firmware version 1.0.4.44 or later. For Grandstream GXV3601HD/LL, update to firmware version 1.0.4.44 or later. For Grandstream GXV3611HD/LL, update to firmware version 1.0.4.44 or later. For Grandstream GXV3615W/P, update to firmware version 1.0.4.44 or later. For Grandstream GXV3651FHD, update to firmware version 1.0.4.44 or later. For Grandstream GXV3662HD, update to firmware version 1.0.4.44 or later. For Grandstream GXV3615WP HD, update to firmware version 1.0.4.44 or later. For Grandstream GXV3500, update to firmware version 1.0.4.44 or later.

**Name of the Vulnerable Software and Affected Versions** Grandstream GXV3501 versions (affected versions not specified) Grandstream GXV3504 versions (affected versions not specified) Grandstream GXV3601 versions (affected versions not specified) Grandstream GXV3601HD/LL versions (affected versions not specified) Grandstream GXV3611HD/LL versions (affected versions not specified) Grandstream GXV3615W/P versions (affected versions not specified) Grandstream GXV3651FHD versions (affected versions not specified) Grandstream GXV3662HD versions (affected versions not specified) Grandstream GXV3615WP HD versions (affected versions not specified) Grandstream GXV3500 versions (affected versions not specified) **Description** A cross-site request forgery (CSRF) issue exists in the goform/usermanage endpoint of Grandstream camera models, allowing remote attackers to hijack the authentication of victims for requests that add users. **Recommendations** For Grandstream GXV3501, consider disabling the goform/usermanage endpoint until a patch is available. For Grandstream GXV3504, restrict access to the goform/usermanage endpoint to minimize the risk of exploitation. For Grandstream GXV3601, avoid using the goform/usermanage endpoint until the issue is resolved. For Grandstream GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP HD, and GXV3500, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Sony SNC CH140, SNC CH180, SNC CH240, SNC CH280, SNC DH140, SNC DH140T, SNC DH180, SNC DH240, SNC DH240T, SNC DH280 (affected versions not specified) **Description** A cross-site request forgery (CSRF) issue exists in the command/user.cgi of the affected Sony camera models. This allows remote attackers to hijack the authentication of administrators for requests that add users. **Recommendations** For Sony SNC CH140, SNC CH180, SNC CH240, SNC CH280, SNC DH140, SNC DH140T, SNC DH180, SNC DH240, SNC DH240T, SNC DH280, consider disabling access to the command/user.cgi until a patch is available. Restrict access to the user addition functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.