宋侑霖

**Name of the Vulnerable Software and Affected Versions** Shockwall system (affected versions not specified) **Description** The issue is related to improper input validation in the programming function of the system. An authenticated attacker within the local area network can exploit this by sending a malicious response to the server, which can disrupt the service partially. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Shockwall system (affected versions not specified) **Description** The server-request receiver function of the system has an improper authentication issue. An authenticated attacker within the local area network can use local registry information to launch a server-side request forgery (SSRF) attack on another agent computer. This can result in arbitrary code execution, allowing the attacker to control the system or disrupt service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.