Ashish Kamble

**Name of the Vulnerable Software and Affected Versions** Accellion FTP server versions prior to FTA 9 12 220 **Description** The issue concerns the use of the Accusoft Prizm Content flash component in the Accellion FTP server, which contains multiple parameters, such as `customTabCategoryName` and `customButton1Image`, that are vulnerable to cross-site scripting. **Recommendations** For Accellion FTP server versions prior to FTA 9 12 220, update to version FTA 9 12 220 or later to resolve the issue. As a temporary workaround, consider restricting access to the parameters `customTabCategoryName` and `customButton1Image` to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Accellion FTP server versions prior to FTA 9 12 220 **Description** The issue allows an attacker to determine valid user accounts by enumerating them, as the server only returns the username in the response if the username is invalid. **Recommendations** For versions prior to FTA 9 12 220, update to version FTA 9 12 220 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Tollgrade LightHouse SMS versions prior to 5.1 patch 3 **Description** The issue allows remote authenticated users to bypass an intended administrative-authentication requirement. This enables them to read or change parameter values by making a direct request. **Recommendations** For versions prior to 5.1 patch 3, update to version 5.1 patch 3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Tollgrade LightHouse SMS versions prior to 5.1 patch 3 **Description** The issue allows remote attackers to enumerate account names via a series of authentication attempts, due to different error messages being provided for failed authentication attempts depending on whether the username exists. **Recommendations** For versions prior to 5.1 patch 3, update to version 5.1 patch 3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Tollgrade LightHouse SMS versions prior to 5.1 patch 3 **Description** The issue allows remote attackers to bypass authentication and restart the software. **Recommendations** For versions prior to 5.1 patch 3, update to version 5.1 patch 3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** 3S-Smart CODESYS Gateway Server versions prior to 2.3.9.48 **Description** The issue allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and daemon crash, via crafted GET or POST requests. **Recommendations** For versions prior to 2.3.9.48, update to version 2.3.9.48 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Belden GarrettCom Magnum 6K and Magnum 10K switches firmware versions prior to 4.5.6 **Description** The issue concerns a hardcoded serial-console password for a privileged account in the firmware of the affected switches. This might allow physically proximate attackers to obtain access by establishing a console session to a nonstandard installation where this account is enabled, and leveraging knowledge of this password. **Recommendations** For firmware versions prior to 4.5.6, update to version 4.5.6 or later to resolve the issue. As a temporary workaround, consider disabling the privileged account with the hardcoded serial-console password until a patch is available. Restrict physical access to the switches to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** MNS versions prior to 4.5.6 **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the web-server component. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. **Recommendations** For versions prior to 4.5.6, update to version 4.5.6 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** MNS versions prior to 4.5.6 **Description** The issue concerns the use of hardcoded RSA private keys and certificates in the firmware of affected devices. This makes it easier for remote attackers to defeat cryptographic protection mechanisms for HTTPS sessions by leveraging knowledge of a private key from another installation. **Recommendations** For versions prior to 4.5.6, update to version 4.5.6 or later to resolve the issue. As a temporary workaround, consider restricting access to HTTPS sessions until the update is applied.

**Name of the Vulnerable Software and Affected Versions** SearchBlox versions prior to 8.2 **Description** A cross-site request forgery issue allows remote attackers to hijack the authentication of arbitrary users. **Recommendations** For versions prior to 8.2, update to version 8.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** SearchBlox versions prior to 8.2 **Description** The issue allows remote attackers to obtain sensitive information. This can be achieved by sending a "pretty=true" action to the " cluster/health" API endpoint. **Recommendations** For versions prior to 8.2, update to version 8.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the " cluster/health" API endpoint until a patch is available. Avoid using the "pretty=true" action in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** SearchBlox versions prior to 8.2 **Description** The issue is related to an unrestricted file upload vulnerability. This allows remote attackers to execute arbitrary code by uploading a file with an executable extension and the image/jpeg content type. **Recommendations** For versions prior to 8.2, update to version 8.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the admin/uploadImage.html endpoint to minimize the risk of exploitation. Avoid using the image/jpeg content type in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** SearchBlox versions prior to 8.2 **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The injection can occur via two main avenues: the search field in `plugin/index.html` or the title field in the Create Featured Result form in `admin/main.jsp`. **Recommendations** For versions prior to 8.2, update to version 8.2 or later to resolve the issue. As a temporary workaround, consider restricting user input in the search field and the title field of the Create Featured Result form to minimize the risk of exploitation. Avoid using potentially malicious input in these fields until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Datum Systems SnIP on PSM-500 and PSM-4500 devices (affected versions not specified) **Description** The issue allows remote attackers to obtain sensitive information without requiring authentication for FTP sessions. This can be achieved via RETR commands. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Datum Systems SnIP on PSM-500 and PSM-4500 devices (affected versions not specified) **Description** The issue allows remote attackers to obtain access via unspecified vectors due to a hardcoded password of `admin` for the `admin` account. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.