Stephen Shkardoon

**Name of the Vulnerable Software and Affected Versions** Squiz Matrix CMS versions 5.5.0 through 5.5.0.2 Squiz Matrix CMS versions 5.5.1 through 5.5.1.7 Squiz Matrix CMS versions 5.5.2 through 5.5.2.3 Squiz Matrix CMS versions 5.5.3 through 5.5.3.2 **Description** An issue allows a user to trigger arbitrary unserialization of a PHP object from a `packages/cms/page templates/page remote content/page remote content.inc` POST parameter during processing of a Remote Content page type. This unserialization can be used to trigger the inclusion of arbitrary files on the filesystem, resulting in remote code execution. **Recommendations** For Squiz Matrix CMS versions 5.5.0 through 5.5.0.2, update to version 5.5.0.3 or later. For Squiz Matrix CMS versions 5.5.1 through 5.5.1.7, update to version 5.5.1.8 or later. For Squiz Matrix CMS versions 5.5.2 through 5.5.2.3, update to version 5.5.2.4 or later. For Squiz Matrix CMS versions 5.5.3 through 5.5.3.2, update to version 5.5.3.3 or later.

**Name of the Vulnerable Software and Affected Versions** Squiz Matrix CMS versions 5.5.0 through 5.5.0.2 Squiz Matrix CMS versions 5.5.1 through 5.5.1.7 Squiz Matrix CMS versions 5.5.2 through 5.5.2.3 Squiz Matrix CMS versions 5.5.3 through 5.5.3.2 **Description** An issue in the File Upload field type allows users to delete arbitrary files from the server and view the full path to uploaded files, including the product's web root directory, when a custom form exists. **Recommendations** For Squiz Matrix CMS versions 5.5.0 through 5.5.0.2, update to version 5.5.0.3 or later. For Squiz Matrix CMS versions 5.5.1 through 5.5.1.7, update to version 5.5.1.8 or later. For Squiz Matrix CMS versions 5.5.2 through 5.5.2.3, update to version 5.5.2.4 or later. For Squiz Matrix CMS versions 5.5.3 through 5.5.3.2, update to version 5.5.3.3 or later.

Name of the Vulnerable Software and Affected Versions: Teracue ENC-400 devices with firmware 2.56 and below Description: An issue allows attackers to bypass authentication on the device's web administration panel. After successful authentication, the device sends an authentication cookie to the end user. This cookie is hard-coded to a string in the source code, specifically in the /usr/share/www/check.lp file. By setting this cookie in a browser, an attacker can maintain access to every ENC-400 device without knowing the password. The token remains static even if a user changes the password on the device. Recommendations: For Teracue ENC-400 devices with firmware 2.56 and below, consider disabling access to the web administration panel until a patch is available. Restrict access to the /usr/share/www/check.lp file to minimize the risk of exploitation. Avoid using the hard-coded authentication cookie in the browser to prevent unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Teracue ENC-400 devices with firmware 2.56 and below Description: An issue was discovered where a large portion of the HTTP endpoints are missing authentication, allowing an attacker to view these pages before being authenticated. Some of these pages may disclose sensitive information. Recommendations: For Teracue ENC-400 devices with firmware 2.56 and below, consider restricting access to the web interface until a fix is available. As a temporary workaround, limit access to sensitive information by implementing additional authentication measures for the affected HTTP endpoints.

Name of the Vulnerable Software and Affected Versions: WatchGuard AP100 versions prior to 1.2.9.15 WatchGuard AP102 versions prior to 1.2.9.15 WatchGuard AP200 versions prior to 1.2.9.15 WatchGuard AP300 versions prior to 2.0.0.10 Description: An issue allows an attacker to bypass validation of the `old password` field in the change password form due to incorrect validation. Recommendations: For WatchGuard AP100 versions prior to 1.2.9.15, update to version 1.2.9.15 or later. For WatchGuard AP102 versions prior to 1.2.9.15, update to version 1.2.9.15 or later. For WatchGuard AP200 versions prior to 1.2.9.15, update to version 1.2.9.15 or later. For WatchGuard AP300 versions prior to 2.0.0.10, update to version 2.0.0.10 or later.

Name of the Vulnerable Software and Affected Versions: WatchGuard AP100 versions prior to 1.2.9.15 WatchGuard AP102 versions prior to 1.2.9.15 WatchGuard AP200 versions prior to 1.2.9.15 Description: An issue exists due to hardcoded credentials for an unprivileged SSH account with a shell of /bin/false. Recommendations: For WatchGuard AP100 versions prior to 1.2.9.15, update the firmware to version 1.2.9.15 or later. For WatchGuard AP102 versions prior to 1.2.9.15, update the firmware to version 1.2.9.15 or later. For WatchGuard AP200 versions prior to 1.2.9.15, update the firmware to version 1.2.9.15 or later.

Name of the Vulnerable Software and Affected Versions: WatchGuard AP100 versions prior to 1.2.9.15 WatchGuard AP102 versions prior to 1.2.9.15 WatchGuard AP200 versions prior to 1.2.9.15 Description: An issue was discovered that allows improper authentication handling by the native Access Point web UI. This enables authentication using a local system account instead of the dedicated web-only user. Recommendations: For WatchGuard AP100 versions prior to 1.2.9.15, update the firmware to version 1.2.9.15 or later. For WatchGuard AP102 versions prior to 1.2.9.15, update the firmware to version 1.2.9.15 or later. For WatchGuard AP200 versions prior to 1.2.9.15, update the firmware to version 1.2.9.15 or later.

**Name of the Vulnerable Software and Affected Versions** WatchGuard AP100 versions prior to 1.2.9.15 WatchGuard AP102 versions prior to 1.2.9.15 WatchGuard AP200 versions prior to 1.2.9.15 WatchGuard AP300 versions prior to 2.0.0.10 **Description** The issue is related to insufficient restriction on file upload functionality, allowing authenticated users on the web interface to upload files containing code to the web root, which can then be executed as root. This can enable a remote attacker to execute arbitrary commands. **Recommendations** For WatchGuard AP100 versions prior to 1.2.9.15, update the firmware to version 1.2.9.15 or later. For WatchGuard AP102 versions prior to 1.2.9.15, update the firmware to version 1.2.9.15 or later. For WatchGuard AP200 versions prior to 1.2.9.15, update the firmware to version 1.2.9.15 or later. For WatchGuard AP300 versions prior to 2.0.0.10, update the firmware to version 2.0.0.10 or later.