Andrew Lemon

**Name of the Vulnerable Software and Affected Versions** Intelight X-1L Traffic controller Maxtime version 1.9.6 **Description** An issue in the Intelight X-1L Traffic controller Maxtime allows a remote attacker to execute arbitrary code via the "/cgi-bin/generateForm.cgi?formID=142" component. There are thousands of traffic lights potentially affected by this issue. **Recommendations** For version 1.9.6, consider disabling access to the "/cgi-bin/generateForm.cgi?formID=142" component until a patch is available. Restrict access to this component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.