
Cyril Mueller

#18609 of 53,632
14.4 Total CVSS
Vulnerabilities · 2
Medium: 1
High: 1
PT-2020-10298
9.0
2020-03-16
Swisscom · Swisscom Centro Grande · CVE-2019-19940
**Name of the Vulnerable Software and Affected Versions**
Swisscom Centro Grande versions prior to 6.16.12

**Description**
The issue is related to incorrect input sanitization in text-oriented user interfaces, such as telnet and ssh, allowing remote authenticated users to execute arbitrary commands via command injection.

**Recommendations**
For versions prior to 6.16.12, update to version 6.16.12 or later to resolve the issue.
PT-2020-10299
5.4
2020-03-16
Swisscom · Swisscom Centro Grande · CVE-2019-19941
**Name of the Vulnerable Software and Affected Versions**
Swisscom Centro Grande versions prior to 6.16.12

**Description**
The issue is related to missing hostname validation, allowing a remote attacker to inject its local IP address as a domain entry in the DNS service of the router via crafted hostnames in DHCP requests, causing XSS.

**Recommendations**
For versions prior to 6.16.12, update to version 6.16.12 or later to resolve the issue. As a temporary workaround, consider restricting access to the DNS service of the router to minimize the risk of exploitation.