0Xless

**Name of the Vulnerable Software and Affected Versions** D-Link DSL-3782 version 1.03 **Description** An issue in the D-Link DSL-3782 allows remote authenticated users to execute arbitrary code as root via the network settings page. **Recommendations** For D-Link DSL-3782 version 1.03, consider restricting access to the network settings page until a patch is available. As a temporary workaround, limit the privileges of authenticated users to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** py7zr versions 0.20.0 and earlier **Description** A directory traversal issue in the `SevenZipFile.extractall()` function allows attackers to write arbitrary files by extracting a crafted 7z file. **Recommendations** For py7zr versions 0.20.0 and earlier, consider disabling the `SevenZipFile.extractall()` function until a patch is available to prevent arbitrary file writes.