Denis Werner

**Name of the Vulnerable Software and Affected Versions** Teamwire Windows desktop client versions 2.0.1 through 2.4.0 **Description** An issue in the Teamwire Windows desktop client allows a remote attacker to obtain sensitive information via a crafted payload to the `message` function. **Recommendations** For Teamwire Windows desktop client versions 2.0.1 through 2.4.0, consider disabling the `message` function until a patch is available to prevent exploitation.

**Name of the Vulnerable Software and Affected Versions** Teamwire Windows desktop client versions 2.0.1 through 2.4.0 **Description** The issue allows a remote attacker to obtain sensitive information via a crafted payload to the `global search function`. This is a Cross Site Scripting vulnerability. **Recommendations** For versions 2.0.1 through 2.4.0, consider disabling the global search function until a patch is available to prevent exploitation. Restrict access to sensitive information to minimize the risk of unauthorized access.

**Name of the Vulnerable Software and Affected Versions** Teamwire Windows desktop client versions 2.0.1 through 2.4.0 **Description** A Cross Site Scripting (XSS) issue allows a remote attacker to obtain sensitive information via a crafted payload to the `chat name`, `message preview`, `username`, and `group name` components. This enables the attacker to potentially exploit these components and gain access to confidential data. **Recommendations** For versions 2.0.1 through 2.4.0, consider disabling the chat functionality or restricting access to the chat name, message preview, username, and group name components until a patch is available. Avoid using these components with untrusted input to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Migration, Backup, Staging – WPvivid plugin for WordPress version 0.9.68 **Description** The issue arises from insufficient escaping on the user-supplied `table prefix` parameter and lack of sufficient preparation on the existing SQL query, making it possible for unauthenticated attackers to append additional SQL queries into already existing queries. This can be used to extract sensitive information from the database. **Recommendations** For version 0.9.68, consider disabling the `table prefix` parameter until a patch is available to prevent SQL injection attacks. Restrict access to sensitive database information to minimize the risk of exploitation. Avoid using the `table prefix` parameter in existing SQL queries until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Migration, Backup, Staging – WPvivid plugin for WordPress versions up to, and including, 0.9.68 **Description** The issue is related to a missing capability check on the `get restore progress()` and `restore()` functions, allowing unauthorized access. This makes it possible for unauthenticated attackers to exploit a SQL injection vulnerability or trigger a Denial of Service (DoS). **Recommendations** For versions up to, and including, 0.9.68, update to a version higher than 0.9.68 to resolve the issue. As a temporary workaround, consider disabling the `get restore progress()` and `restore()` functions until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Lindy 42633 4-Port USB 2.0 Gigabit Network Server version 2.078.000 **Description** The issue allows an attacker on the same network to elevate privileges. This is possible because the administrative password can be discovered by sniffing unencrypted UDP traffic. **Recommendations** For version 2.078.000, consider changing the administrative password and enabling encryption for UDP traffic to prevent password sniffing. As a temporary workaround, restrict access to the network to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Lindy 42633 4-Port USB 2.0 Gigabit Network Server version 2.078.000 **Description** The issue allows an attacker on the same network to bypass authentication via a web-administration request that lacks a `password` parameter. **Recommendations** For version 2.078.000, consider restricting access to the web-administration interface until a patch is available. As a temporary workaround, avoid using the web-administration interface for sensitive operations. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Lindy 42633 4-Port USB 2.0 Gigabit Network Server version 2.078.000 **Description** The issue allows an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name. **Recommendations** For version 2.078.000, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DIGITUS DA-70254 4-Port Gigabit Network Hub version 2.073.000.E0008 **Description** The issue allows an attacker on the same network to elevate privileges. This is possible because the administrative password can be discovered by sniffing unencrypted UDP traffic. **Recommendations** For version 2.073.000.E0008, consider restricting access to the administrative interface until a patch is available. As a temporary workaround, avoid using unencrypted UDP traffic for administrative tasks.

**Name of the Vulnerable Software and Affected Versions** DIGITUS DA-70254 4-Port Gigabit Network Hub version 2.073.000.E0008 **Description** The issue allows an attacker on the same network to bypass authentication via a web-administration request that lacks a `password` parameter. **Recommendations** For version 2.073.000.E0008, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DIGITUS DA-70254 4-Port Gigabit Network Hub version 2.073.000.E0008 **Description** The issue allows an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name. **Recommendations** For version 2.073.000.E0008, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** DIGITUS DA-70254 4-Port Gigabit Network Hub version 2.073.000.E0008 **Description** The issue allows an attacker on the same network to cause a denial-of-service of the device by sending long input values. **Recommendations** For version 2.073.000.E0008, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Lindy 42633 4-Port USB 2.0 Gigabit Network Server version 2.078.000 **Description** The device is susceptible to a denial-of-service attack when an attacker on the same network sends long input values. **Recommendations** For version 2.078.000, consider restricting access to the device to prevent unauthorized input, and avoid using the device on untrusted networks until a fix is available.

**Name of the Vulnerable Software and Affected Versions** TP-Link USB Network Server TL-PS310U versions prior to 2.079.000.t0210 **Description** The issue allows an attacker on the same network to elevate privileges. This is possible because the administrative password can be discovered by sniffing unencrypted UDP traffic. **Recommendations** For versions prior to 2.079.000.t0210, update to version 2.079.000.t0210 or later to resolve the issue. As a temporary workaround, consider restricting access to the network to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** TP-Link USB Network Server TL-PS310U versions prior to 2.079.000.t0210 **Description** The issue allows an attacker on the same network to bypass authentication via a web-administration request that lacks a `password` parameter. **Recommendations** For versions prior to 2.079.000.t0210, update to version 2.079.000.t0210 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** TP-Link USB Network Server TL-PS310U versions prior to 2.079.000.t0210 **Description** The issue allows an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name. **Recommendations** For versions prior to 2.079.000.t0210, update to version 2.079.000.t0210 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** TP-Link USB Network Server TL-PS310U versions prior to 2.079.000.t0210 **Description** The issue allows an attacker on the same network to cause a denial-of-service of the device by sending long input values. **Recommendations** For versions prior to 2.079.000.t0210, update to version 2.079.000.t0210 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Grouptime Teamwire Client versions 1.5.1 through 1.9.0 Grouptime Teamwire Client backend versions prior to prod-2018-11-13-15-00-42 **Description** The issue affects the admin interface of the Grouptime Teamwire Client, allowing stored XSS attacks. **Recommendations** For Grouptime Teamwire Client versions 1.5.1 through 1.9.0, update to version 1.9.0 or later to resolve the issue. For Grouptime Teamwire Client backend versions prior to prod-2018-11-13-15-00-42, update to a version after prod-2018-11-13-15-00-42 to fix the problem.

**Name of the Vulnerable Software and Affected Versions** Grouptime Teamwire Desktop Client versions 1.5.1 through 1.9.0 Grouptime Teamwire backend versions prior to prod-2018-11-13-15-00-42 **Description** The issue allows code injection via a template, leading to remote code execution. **Recommendations** For Grouptime Teamwire Desktop Client versions 1.5.1 through 1.9.0, update to version 1.9.0 or later. For Grouptime Teamwire backend versions prior to prod-2018-11-13-15-00-42, update to a version after prod-2018-11-13-15-00-42.

**Name of the Vulnerable Software and Affected Versions** Couchbase Sync Gateway version 2.1.2 **Description** The issue allows an attacker with access to the Sync Gateway's public REST API to extract sensitive data or call arbitrary N1QL functions through the parameters `startkey` and `endkey` on the " all docs" endpoint. By issuing nested queries with CPU-intensive operations, they may cause increased resource usage and denial of service conditions. **Recommendations** For Couchbase Sync Gateway version 2.1.2, update to version 2.1.3 or 2.5.0 to resolve the issue. As a temporary workaround, consider blocking external access to the " all docs" REST endpoint to mitigate the risk of exploitation. Restrict access to the `startkey` and `endkey` parameters in the " all docs" endpoint to minimize the risk of N1QL injection.