Abdulaziz Aldayri

**Name of the Vulnerable Software and Affected Versions** EndRun Technologies Sonoma D12 Network Time Server (GPS) version 4.00 **Description** A Cross Site Request Forgery (CSRF) flaw exists in EndRun Technologies Sonoma D12 Network Time Server (GPS). Successful exploitation could allow attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and obtain sensitive information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** EndRun Technologies Sonoma D12 Network Time Server (GPS) version 4.00 **Description** An issue exists in EndRun Technologies Sonoma D12 Network Time Server (GPS) that allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and obtain sensitive information. The issue is due to an OS Command Injection. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** EndRun Technologies Sonoma D12 Network Time Server (GPS) version 4.00 **Description** A Cross Site Scripting (XSS) issue exists in EndRun Technologies Sonoma D12 Network Time Server (GPS). This flaw may allow attackers to obtain sensitive information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** EndRun Technologies Sonoma D12 Network Time Server (GPS) version 4.00 **Description** An issue exists in EndRun Technologies Sonoma D12 Network Time Server (GPS) that allows attackers to gain sensitive information through OS Command Injection. The affected component is firmware version 6010-0071-000. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** EndRun Technologies Sonoma D12 Network Time Server (GPS) version 4.00 **Description** An issue exists in EndRun Technologies Sonoma D12 Network Time Server (GPS) that may allow attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and obtain sensitive information. The issue is due to an OS Command Injection. The affected product is used in network time synchronization. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** EndRun Technologies Sonoma D12 Network Time Server (GPS) version 4.00 **Description** A Cross Site Scripting (XSS) issue exists in EndRun Technologies Sonoma D12 Network Time Server (GPS). Successful exploitation could allow attackers to obtain sensitive information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** EndRun Technologies Sonoma D12 Network Time Server (GPS) version 4.00 **Description** An OS Command Injection issue exists in EndRun Technologies Sonoma D12 Network Time Server (GPS). Successful exploitation could allow attackers to gain sensitive information. The affected firmware is F/W 6010-0071-000 version 4.00. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** EndRun Technologies Sonoma D12 Network Time Server (GPS) version 4.00 **Description** An issue exists in EndRun Technologies Sonoma D12 Network Time Server (GPS) that allows attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and obtain sensitive information. The issue is due to an OS Command Injection. The affected product is a Network Time Server (GPS). **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** EndRun Technologies Sonoma D12 Network Time Server (GPS) version 4.00 **Description** An OS Command Injection issue exists in EndRun Technologies Sonoma D12 Network Time Server (GPS). Successful exploitation could allow attackers to execute arbitrary code, cause a denial of service, gain escalated privileges, and obtain sensitive information. The affected component allows for the injection of commands into the operating system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** EndRun Technologies Sonoma D12 Network Time Server (GPS) version 4.00 **Description** An issue exists in EndRun Technologies Sonoma D12 Network Time Server (GPS) that allows attackers to execute arbitrary code. This could lead to a denial of service, escalated privileges, and the potential compromise of sensitive information. The issue is due to an OS Command Injection. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** EndRun Technologies Sonoma D12 Network Time Server (GPS) version 4.00 **Description** A Cross Site Scripting (XSS) issue exists in EndRun Technologies Sonoma D12 Network Time Server (GPS). This flaw could allow attackers to obtain sensitive information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** EndRun Technologies Sonoma D12 Network Time Server (GPS) version 4.00 **Description** A directory traversal issue exists in EndRun Technologies Sonoma D12 Network Time Server (GPS) firmware version 4.00. This allows attackers to potentially access sensitive information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.