Daniil Gordeev

**Name of the Vulnerable Software and Affected Versions** Realtek rtl819x Jungle SDK versions prior to v3.4.14B **Description** The rtl8192cd Wi-Fi kernel driver fails to perform access control checks on the `write mem` (ioctl 0x89F5) and `read mem` (ioctl 0x89F6) debug handlers. These handlers are included in production builds due to the unconditionally defined ` IOCTL DEBUG CMD ` macro in the `8192cd cfg.h` file. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MeiG Smart FORGE SLT711 version MDM9607.LE.1.0-00110-STD.PROD-1 **Description** The GoAhead web server allows unauthenticated OS command injection, a flaw where an attacker can execute arbitrary operating system commands on the device. This issue occurs via the '/action/SetRemoteAccessCfg' endpoint. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.