Ryoya Tsukasaki

**Nome do software vulnerável e versões afetadas: Versões do Google Chrome anteriores à 87.0.4280.88 Descrição: O problema está relacionado a um erro de uso após liberação (use after free) na funcionalidade da área de transferência do Google Chrome, que pode ser explorado por um invasor remoto por meio de uma página HTML especialmente criada. Isso poderia potencialmente levar à corrupção da pilha (heap). Recomendações: Para versões anteriores à 87.0.4280.88, atualize para a versão 87.0.4280.88 ou posterior para resolver o problema.

**Name of the Vulnerable Software and Affected Versions** NTT EAST Hikari Denwa routers versions 07.00.1006 and earlier NTT WEST Hikari Denwa routers versions 07.00.1005 and earlier **Description** The issue allows remote authenticated users to execute arbitrary OS commands. **Recommendations** For NTT EAST Hikari Denwa routers versions 07.00.1006 and earlier, update the firmware to a version later than 07.00.1006. For NTT WEST Hikari Denwa routers versions 07.00.1005 and earlier, update the firmware to a version later than 07.00.1005.

**Name of the Vulnerable Software and Affected Versions** NTT EAST Hikari Denwa routers versions PR-400MI, RT-400MI, and RV-440MI 07.00.1006 and earlier NTT WEST Hikari Denwa routers versions PR-400MI, RT-400MI, and RV-440MI 07.00.1005 and earlier **Description** A cross-site request forgery (CSRF) issue allows remote attackers to hijack the authentication of arbitrary users. This can be exploited by tricking a user into performing unintended actions on the web application. **Recommendations** For NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1006 and earlier, update the firmware to a version later than 07.00.1006. For NTT WEST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1005 and earlier, update the firmware to a version later than 07.00.1005.