Andris Raugulis

**Name of the Vulnerable Software and Affected Versions** The product name cannot be determined. **Description** A security issue exists in the transmission of passwords through query strings, potentially exposing confidential information to third parties. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Trivision Camera NC227WF version 5.8.0 **Description** An Authentication Bypass issue allows an attacker to retrieve administrator's credentials in cleartext. This is achieved by sending a request to the "/en/player/activex pal.asp" API endpoint with random credentials, resulting in successful authentication of the application. **Recommendations** For Trivision Camera NC227WF version 5.8.0, as a temporary workaround, consider restricting access to the "/en/player/activex pal.asp" API endpoint until a patch is available.