Ly55521

**Name of the Vulnerable Software and Affected Versions** Merlin.PHP version 0.6.6 **Description** An issue was discovered in the Merlin.PHP component for Asuswrt-Merlin devices, allowing an attacker to execute arbitrary commands. This is due to an `eval` call in `api.php`, as demonstrated by the "/6/api.php?function=command&class=remote&Cc='ls'" URI. The vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network and intentionally allows remote code execution. **Recommendations** For Merlin.PHP version 0.6.6, consider restricting access to the `api.php` endpoint to minimize the risk of exploitation, as it intentionally allows remote code execution in trusted intranet networks.

**Name of the Vulnerable Software and Affected Versions** Merlin.PHP version 0.6.6 **Description** An issue was discovered in the Merlin.PHP component for Asuswrt-Merlin devices, allowing an attacker to execute arbitrary commands due to a `popen` call in `exec.php`. The vendor notes that Merlin.PHP is designed for use on a trusted intranet network and intentionally allows remote code execution. **Recommendations** For Merlin.PHP version 0.6.6, consider restricting access to `exec.php` to minimize the risk of exploitation, as the component is intended for use on a trusted intranet network. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** K-Net Cisco Configuration Manager versions through 2014-11-19 **Description** The issue is related to a security problem where an attacker can execute malicious scripts on the device. This is achieved through the devices.php endpoint, which is vulnerable to XSS attacks. **Recommendations** For K-Net Cisco Configuration Manager versions through 2014-11-19, update to a version released after 2014-11-19 to resolve the issue.