Bruno Morisson

**Name of the Vulnerable Software and Affected Versions** BTicino Door Entry HOMETOUCH for iOS version 1.4.2 **Description** The issue is related to the absence of an SSL certificate in the BTicino Door Entry HOMETOUCH for iOS application. This lack of encryption could potentially expose user data to interception or eavesdropping. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** For BTicino Door Entry HOMETOUCH for iOS version 1.4.2, consider avoiding sensitive transactions or data exchange until a version with proper SSL certification is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SOPlanning versions prior to 1.47 **Description** The issue is related to incorrect access control due to public secret key information and its related authentication algorithm. Specifically, the key for the admin account is hardcoded in the installation code, and there is no key for the publicsp guest account. **Recommendations** For versions prior to 1.47, update to version 1.47 or later to resolve the issue. As a temporary workaround, consider restricting access to the admin account and publicsp guest account until the update is applied.

Name of the Vulnerable Software and Affected Versions: PortSwigger Burp Suite versions prior to 1.7.34 Description: The issue concerns improper certificate validation of the Collaborator server certificate. This could potentially allow man-in-the-middle attackers to obtain interaction data. Recommendations: For versions prior to 1.7.34, update to version 1.7.34 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** D-Link DGS-1100 devices with Rev.B firmware version 1.01.018 **Description** The issue concerns a hardcoded SSL private key, which enables man-in-the-middle attackers to spoof devices by hijacking an HTTPS session. **Recommendations** For D-Link DGS-1100 devices with Rev.B firmware version 1.01.018, consider disabling HTTPS until a patch or firmware update is available to prevent man-in-the-middle attacks.

**Name of the Vulnerable Software and Affected Versions** QL Office versions prior to 8.4.1 in Apple iOS QL Office versions prior to 10.10.5 in OS X **Description** The issue allows remote attackers to execute arbitrary code or cause a denial of service, resulting in memory corruption and application crash, via a crafted office document. **Recommendations** For QL Office in Apple iOS prior to 8.4.1, update to version 8.4.1 or later. For QL Office in OS X prior to 10.10.5, update to version 10.10.5 or later.

**Name of the Vulnerable Software and Affected Versions** Office Viewer in Apple iOS versions prior to 8.4.1 Office Viewer in Apple OS X versions prior to 10.10.5 **Description** The issue is related to the lack of protection for service data in the Office Viewer component. It can be exploited by a remote attacker to read arbitrary files using a specially crafted XML document that contains links to external objects, specifically leveraging an XML External Entity (XXE) issue. **Recommendations** For Office Viewer in Apple iOS versions prior to 8.4.1, update to version 8.4.1 or later. For Office Viewer in Apple OS X versions prior to 10.10.5, update to version 10.10.5 or later.

**Name of the Vulnerable Software and Affected Versions** SAP Netweaver version 7.03 **Description** The issue allows remote attackers to obtain sensitive information via a crafted SOAP request to the "TCP port 1128" endpoint, specifically targeting the `GetComputerSystem` method in the HostControl service. **Recommendations** For SAP Netweaver version 7.03, consider restricting access to the HostControl service or the `GetComputerSystem` method to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Red-M Red-Alert version 2.7.5 with software 3.1 build 24 **Description** The issue allows remote attackers to cause a denial of service, resulting in a reboot and loss of logged events, via a long request to TCP port 80, possibly triggering a buffer overflow. **Recommendations** For Red-M Red-Alert version 2.7.5 with software 3.1 build 24, consider restricting access to TCP port 80 as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Red-M Red-Alert version 2.7.5 **Description** The issue prevents Red-Alert from correctly identifying the SSID when multiple spaces in a Service Set Identifier are converted to a single space. **Recommendations** For Red-Alert version 2.7.5, at the moment, there is no information about a newer version that contains a fix for this vulnerability.