Ken Munro

**Name of the Vulnerable Software and Affected Versions** Swann SWWHD-INTCAM-HD devices (affected versions not specified) **Description** The issue allows for FTP access as root due to the presence of the twipc root password. It is noted that all affected customers were migrated by 2020-08-31. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Swann SWWHD-INTCAM-HD devices (affected versions not specified) **Description** The issue concerns Swann SWWHD-INTCAM-HD devices, which leave the Pre-Shared Key (PSK) in logs even after a factory reset. All affected customers were migrated by 2020-08-31. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Nespresso Prodigio (affected versions not specified) **Description** The issue concerns a lack of security in the Bluetooth connection of the devices. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Edimax Wi-Fi Extender devices (affected versions not specified) **Description** The issue allows for CSRF, potentially leading to PSK key disclosure through the goform/formwlencryptvxd endpoint. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Jura E8 (affected versions not specified) **Description** The issue concerns a lack of Bluetooth connection security in the devices. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.