Ken Pyle

**Name of the Vulnerable Software and Affected Versions** Oracle Java SE versões 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26 Oracle GraalVM for JDK versões 17.0.18, 21.0.10 Oracle GraalVM Enterprise Edition versão 21.3.17 **Description** Um problema no componente de Segurança permite que um invasor não autenticado com acesso de logon à infraestrutura onde o software é executado comprometa o sistema. A exploração bem-sucedida pode resultar em acesso de leitura não autorizado a um subconjunto de dados acessíveis. Isso pode ser alcançado usando APIs no componente de Segurança, como por meio de um serviço web que fornece dados para essas APIs. O problema também afeta implantações Java que carregam e executam código não confiável e dependem do sandbox do Java para segurança, tipicamente em clientes que executam aplicativos Java Web Start em sandbox ou applets Java em sandbox. **Recommendations** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** Oracle Java SE versões 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26 Oracle GraalVM for JDK versões 17.0.18, 21.0.10 Oracle GraalVM Enterprise Edition versão 21.3.17 **Description** Um problema no componente Security permite que um invasor não autenticado com acesso de logon à infraestrutura onde o software é executado comprometa o sistema. A exploração bem-sucedida pode resultar em acesso de leitura não autorizado a um subconjunto de dados acessíveis. Isso pode ser alcançado usando APIs no componente Security, como por meio de um serviço web que fornece dados para essas APIs. O problema também afeta implementações Java que carregam e executam código não confiável e dependem do sandbox do Java para segurança, tipicamente em clientes que executam aplicativos Java Web Start em sandbox ou applets Java em sandbox. **Recommendations** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Nome do software vulnerável e versões afetadas** Painel de acesso Honeywell MPA2 em versões anteriores à R1.00.08.05 **Descrição** O problema está relacionado à neutralização inadequada de entradas durante a geração de páginas da web, o que permite a execução de scripts entre sites (XSS) por meio de caracteres inválidos. Isso pode ser explorado através dos módulos do servidor web do Painel de acesso Honeywell MPA2. **Recomendações** Para versões anteriores à R1.00.08.05, atualize para a versão de firmware R1.00.08.05 ou posterior para resolver o problema. Como solução temporária, considere restringir o acesso aos módulos do servidor web até que a atualização possa ser aplicada.

**Name of the Vulnerable Software and Affected Versions** Mitel MiVoice Connect versions through 19.3 SP3 (22.24.5800.0) **Description** A vulnerability in the Edge Gateway component could allow an unauthenticated attacker to perform a Cross Site Request Forgery (CSRF) attack due to insufficient request validation. A successful exploit could allow an attacker to provide a modified URL, potentially enabling them to modify system configuration settings. **Recommendations** For versions through 19.3 SP3 (22.24.5800.0), consider implementing additional validation for incoming requests to prevent CSRF attacks. As a temporary workaround, restrict access to system configuration settings until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mitel MiVoice Connect versions through 9.6.2304.102 **Description** A vulnerability in the Connect Mobility Router component could allow an unauthenticated attacker to perform a Cross Site Request Forgery (CSRF) attack due to insufficient request validation. A successful exploit could allow an attacker to provide a modified URL, potentially enabling them to modify system configuration settings. **Recommendations** For versions through 9.6.2304.102, update to a version that addresses the insufficient request validation issue in the Connect Mobility Router component to prevent Cross Site Request Forgery (CSRF) attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mitel MiVoice Connect versions through R19.3 SP3 (22.24.5800.0) **Description** A vulnerability in the Edge Gateway component could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to view system information. **Recommendations** For versions through R19.3 SP3 (22.24.5800.0), consider updating to a version later than R19.3 SP3 (22.24.5800.0) to resolve the issue. As a temporary workaround, restrict access to the Edge Gateway component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Mitel MiVoice Connect versions through 9.6.2208.101 **Description** A vulnerability in the Connect Mobility Router component could allow an unauthenticated attacker to conduct an account enumeration attack due to improper configuration. A successful exploit could allow an attacker to access system information. **Recommendations** For versions through 9.6.2208.101, update to a version later than 9.6.2208.101 to resolve the issue. As a temporary workaround, consider restricting access to the Connect Mobility Router component until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Mitel MiVoice Connect versions through 9.6.2304.102 **Description** A vulnerability in the Connect Mobility Router component could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sanitization. A successful exploit could allow an attacker to access network information and to generate excessive network traffic. **Recommendations** For Mitel MiVoice Connect versions through 9.6.2304.102, consider updating to a version that addresses the command argument injection issue in the Connect Mobility Router component to prevent exploitation. As a temporary workaround, restrict internal network access and ensure that only authorized personnel have elevated privileges to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Mitel MiVoice Connect versions through 19.3 SP3 (22.24.5800.0) **Description** A vulnerability in the Edge Gateway component could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sanitization. A successful exploit could allow an attacker to access network information and to generate excessive network traffic. **Recommendations** For Mitel MiVoice Connect versions through 19.3 SP3 (22.24.5800.0), consider disabling the Edge Gateway component until a patch is available to prevent command argument injection attacks. Restrict internal network access to minimize the risk of exploitation. Avoid using the Edge Gateway component for sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MiVoice Connect versions through 9.6.2304.102 **Description** A vulnerability in the Connect Mobility Router component could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to view system information. **Recommendations** For MiVoice Connect versions through 9.6.2304.102, consider reconfiguring the Connect Mobility Router component to prevent information disclosure attacks. As a temporary workaround, restrict access to system information until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MiVoice Connect versions 9.6.2208.101 and earlier **Description** A vulnerability in the Connect Mobility Router component could allow an authenticated attacker with internal network access to conduct a command injection attack due to insufficient restriction on URL parameters. **Recommendations** For versions 9.6.2208.101 and earlier, update to a version later than 9.6.2208.101 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mitel MiVoice Connect versions 9.6.2208.101 and earlier **Description** A vulnerability in the Connect Mobility Router component could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges. This is because the initial installation does not enforce a password change. A successful exploit could allow an attacker to make arbitrary configuration changes and execute arbitrary commands. **Recommendations** For Mitel MiVoice Connect versions 9.6.2208.101 and earlier, ensure that a strong password is set for administrative access after the initial installation to prevent unauthorized access. Consider changing the default password to a unique and complex one to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Mitel MiVoice Connect versions 19.3 SP2 (22.24.1500.0) and earlier **Description** A vulnerability in the Headquarters server component could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control. **Recommendations** For versions 19.3 SP2 (22.24.1500.0) and earlier, update to a version later than 19.3 SP2 (22.24.1500.0) to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Mitel MiVoice Connect versions through 19.3 SP2 (22.24.1500.0) **Description** The Linux DVS server component could allow an unauthenticated attacker with internal network access to execute arbitrary scripts due to improper access control. **Recommendations** For versions through 19.3 SP2 (22.24.1500.0), update to a version later than 19.3 SP2 (22.24.1500.0) to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mitel MiVoice Connect versions 19.3 SP2 (22.24.1500.0) and earlier **Description** A vulnerability in the Edge Gateway component could allow an unauthenticated attacker with internal network access to authenticate with administrative privileges, because initial installation does not enforce a password change. A successful exploit could allow an attacker to make arbitrary configuration changes and execute arbitrary commands. **Recommendations** For versions 19.3 SP2 (22.24.1500.0) and earlier, ensure that a strong password is set for administrative access after initial installation to prevent exploitation. As a temporary workaround, consider restricting access to the Edge Gateway component until a patch is available. Avoid using default or weak passwords for administrative accounts in the affected versions.

**Name of the Vulnerable Software and Affected Versions** Mitel MiVoice Connect versions through 19.3 SP2 Mitel MiVoice Connect versions 20.x Mitel MiVoice Connect versions 21.x Mitel MiVoice Connect versions 22.x through 22.24.1500.0 **Description** The issue is related to insufficient validation for the `home.php` page, which could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack. This type of attack occurs when an application takes user input and sends it back to the user without proper validation, allowing an attacker to inject malicious scripts. A successful exploit could allow an attacker to execute arbitrary scripts, potentially giving them access to user conference information. **Recommendations** For Mitel MiVoice Connect versions through 19.3 SP2, update to a version later than 19.3 SP2 to resolve the issue. For Mitel MiVoice Connect versions 20.x, update to a version later than 20.x to resolve the issue. For Mitel MiVoice Connect versions 21.x, update to a version later than 21.x to resolve the issue. For Mitel MiVoice Connect versions 22.x through 22.24.1500.0, update to a version later than 22.24.1500.0 to resolve the issue. As a temporary workaround, consider restricting access to the `home.php` page until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Repetier Server versions prior to 1.4.11 **Description** The issue allows directory traversal for reading files that contain credentials. This can be demonstrated by accessing the connectionLost.php file. It is estimated that about 1,766 devices may be potentially affected. **Recommendations** For Repetier Server versions prior to 1.4.11, update to version 1.4.11 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Ruckus Wireless Admin versions prior to 10.4 **Description** The issue concerns a Remote Code Execution vulnerability in Ruckus Wireless Admin, allowing an unauthenticated attacker to execute arbitrary code via an HTTP GET request. This can be demonstrated by sending a request to the `/forms/doLogin` endpoint with specific parameters, such as `login username=admin` and `password=password$(curl substring)`. The vulnerability is being exploited by the AndoryuBot botnet, which targets Ruckus Wireless devices to enlist them in DDoS attacks. It is estimated that many devices remain unpatched, with some end-of-life models not receiving fixes. The AndoryuBot botnet can load additional scripts from a hardcoded URL and establish a connection with its command and control server via SOCKS for stealth and firewall evasion. The botnet supports multiple system architectures and 12 DDoS attack modes. Its operators offer DDoS services for hire, accepting cryptocurrency payments. **Recommendations** For Ruckus Wireless Admin versions prior to 10.4, apply the available firmware updates to patch the vulnerability. Use strong admin passwords and consider disabling remote access to the admin panel if it is not necessary. As a temporary workaround, consider restricting access to the `/forms/doLogin` endpoint until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** ConnectWise Control versions prior to 22.9.10032 **Description** The issue arises from the failure to validate user-supplied parameters, such as the `h` parameter in Bin/ConnectWiseControl.Client.exe. This leads to reflected data and the injection of malicious code into a downloaded executable, which can be used for malicious queries or as a denial-of-service vector. **Recommendations** For versions prior to 22.9.10032, update to version 22.9.10032 or later to resolve the issue. As a temporary workaround, consider restricting access to the Bin/ConnectWiseControl.Client.exe executable and its parameters, such as the `h` parameter, to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Dell EMC PV ME5 versions ME5.1.0.0.0 through ME5.1.0.1.0 **Description** The issue is related to a Client-side desync vulnerability. An unauthenticated attacker could potentially exploit this to force a victim's browser to desynchronize its connection with the website, typically leading to cross-site scripting (XSS) and denial-of-service (DoS) attacks. **Recommendations** For Dell EMC PV ME5 versions ME5.1.0.0.0 through ME5.1.0.1.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.