Amir Preminger

**Name of the Vulnerable Software and Affected Versions** Akuvox E11 (affected versions not specified) **Description** The combination of the Akuvox E11 Media Access Control (MAC) address and IP address could potentially allow an attacker to identify the device on the Akuvox cloud. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Akuvox E11 (affected versions not specified) **Description** The issue concerns the use of a weak encryption algorithm for stored passwords and a hard-coded password for decryption. This could allow the encrypted passwords to be decrypted from the configuration file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Akuvox E11 (affected versions not specified) **Description** The issue concerns the Akuvox E11 password recovery webpage, which can be accessed without proper authentication. This allows an attacker to download the device key file and subsequently reset the password to its default setting. **Recommendations** For Akuvox E11, restrict access to the password recovery webpage until a fix is available. As a temporary workaround, consider disabling the password recovery feature to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Akuvox E11 (affected versions not specified) **Description** The issue concerns the Akuvox E11 cloud login, which is performed through an unencrypted HTTP connection. This allows an attacker to potentially gain access to the Akuvox cloud and device if the MAC address of a device is known. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Akuvox E11 (affected versions not specified) **Description** The issue concerns the use of a hard-coded cryptographic key, which could potentially allow an attacker to decrypt sensitive information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Akuvox E11 (affected versions not specified) **Description** The issue concerns a custom version of the dropbear SSH server used by Akuvox E11, which allows an insecure option not present in the official dropbear SSH server by default. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cassia Networks Access Controller versions prior to 2.0.1 **Description** An attacker may be able to use the minify route with a relative path to view any file on the system. **Recommendations** For versions prior to 2.0.1, update to version 2.0.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** In-Sight OPC Server versions v5.7.4 and prior **Description** The issue allows a remote attacker to access system level permission commands and potentially achieve local privilege escalation due to the deserialization of untrusted data. **Recommendations** For In-Sight OPC Server versions v5.7.4 and prior, update to a version that addresses the deserialization of untrusted data to prevent remote attackers from accessing system level permission commands. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MDT AutoSave versions prior to v6.02.06 **Description** An attacker could utilize a function in MDT AutoSave that permits changing a designated path to another path and traversing the directory, allowing the replacement of an existing file with a malicious file. **Recommendations** For versions prior to v6.02.06, update to version v6.02.06 or later to resolve the issue. As a temporary workaround, consider restricting directory traversal and file replacement capabilities until a patch is available.

**Name of the Vulnerable Software and Affected Versions** MDT AutoSave versions prior to 6.02.06 **Description** An issue allows an attacker to decipher the encryption, potentially gaining access to sensitive information. **Recommendations** For versions prior to 6.02.06, update to version 6.02.06 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** MDT AutoSave versions prior to v6.02.06 **Description** The issue concerns a `getfile` function that allows a user to supply an optional parameter. This parameter can cause the function to process a request in a special manner, potentially leading to the execution of an unzip command. As a result, a malicious .exe file can be placed in one of the locations the function looks for, allowing it to gain execution capabilities. **Recommendations** For MDT AutoSave versions prior to v6.02.06, update to version v6.02.06 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `getfile` function until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** MDT AutoSave versions prior to v6.02.06 **Description** An attacker could utilize SQL commands to create a new user and update the user’s permissions, granting the attacker the ability to login. **Recommendations** For versions prior to v6.02.06, update to version v6.02.06 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** MDT AutoSave versions prior to v6.02.06 **Description** An issue exists where an attacker could leverage an API to pass a malicious file, manipulating the process creation command line and potentially running a command line argument. This could allow the attacker to run a malicious process. **Recommendations** For versions prior to v6.02.06, update to version v6.02.06 or later to resolve the issue. As a temporary workaround, consider restricting access to the API endpoint used to pass the malicious file until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** MDT AutoSave versions prior to v6.02.06 **Description** An issue exists where an attacker can gain knowledge of a session's temporary working folder when the `getfile` and `putfile` commands are used. This knowledge can be leveraged to provide a malicious command to the working directory, allowing read and write activity to be initiated. **Recommendations** For versions prior to v6.02.06, update to version v6.02.06 or later to resolve the issue. As a temporary workaround, consider restricting access to the temporary working folder to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** MDT AutoSave versions prior to v6.02.06 **Description** A function in the software is used to retrieve system information for a specific process, executing multiple commands and summarizing the information into an XML. This process gives the full path to the executable, making it vulnerable to binary hijacking. **Recommendations** For versions prior to v6.02.06, update to version v6.02.06 or later to resolve the issue. As a temporary workaround, consider restricting access to the function that retrieves system information to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Product (affected versions not specified) **Description** The issue concerns the product's failure to properly control resource allocation. This could allow a user to allocate unlimited memory buffers by utilizing API functions. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or version is mentioned, so the information cannot be provided. **Description** The issue concerns the use of a hard-coded blowfish key in encryption and decryption processes. This key can be easily extracted from binaries, which poses a security risk. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** The issue concerns improper input validation in the restore file, allowing an attacker to provide malicious config files that can replace any file on disk. This enables potential unauthorized access and modification of system files. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** The data of a network capture of the initial handshake phase can be used to authenticate at a SYSDBA level. If a specific .exe is not restarted often, it is possible to access the needed handshake packets between admin/client connections. Using the SYSDBA permission, an attacker can change user passwords or delete the database. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned. **Description** The issue allows an attacker to initiate a session with the server without providing any form of authentication, as the server permits communication without any authentication procedure. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.