Dr. Faruk Kazi

**Name of the Vulnerable Software and Affected Versions** ALBEDO Telecom Net.Time - PTP/NTP clock (Serial No. NBC0081P) version 1.4.4 **Description** The issue is related to an insufficient session expiration, which could allow an attacker to transmit passwords over unencrypted connections, resulting in the product becoming vulnerable to interception. This could permit attackers to intercept passwords. **Recommendations** For version 1.4.4, consider updating to a newer version that addresses the insufficient session expiration issue, although the specific updated version is not provided. As a temporary workaround, restrict access to unencrypted connections to minimize the risk of password interception.

**Name of the Vulnerable Software and Affected Versions** EWON Flexy 202 (affected versions not specified) **Description** The issue concerns the transmission of user credentials in clear text without encryption when a user is added or user credentials are changed via the device's webpage. This affects the security of user credentials. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: TP-Link Archer C50 (affected versions not specified) Description: The issue is related to the improper signature verification mechanism in the firmware upgrade process at the web interface of the TP-Link Archer C50. This allows an attacker with administrative privileges within the router's Wi-Fi range to exploit the vulnerability by uploading and executing malicious firmware, potentially leading to the complete compromise of the targeted device. The exploitation can result in the execution of arbitrary code and may cause a denial of service. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Philips lighting devices (affected versions not specified) **Description** This issue is related to the storage of Wi-Fi credentials in plain text within the device firmware of Philips lighting devices. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the plaintext Wi-Fi credentials stored on the vulnerable device. Successful exploitation could allow an attacker to gain unauthorized access to the Wi-Fi network to which the vulnerable device is connected. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** EWON FLEXY 202 (affected versions not specified) **Description** The issue concerns the transmission of credentials using a weak encoding method, specifically base64. An attacker present in the network can intercept the traffic and decode the credentials. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Skyworth Router CM5100 version 4.1.1.24 **Description** The issue exists due to insufficient validation of user-supplied input for the `SMTP Password` parameter at the web interface. A remote attacker could exploit this by supplying specially crafted input to the parameter, potentially allowing them to perform stored XSS attacks on the targeted system. **Recommendations** For Skyworth Router CM5100 version 4.1.1.24, consider disabling access to the web interface or restricting input to the `SMTP Password` parameter until a fix is available. Avoid using the `SMTP Password` parameter in the affected web interface until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Skyworth Router CM5100 version 4.1.1.24 **Description** This issue is due to insufficient validation of user-supplied input for the `Identity` parameter under Local endpoint settings at the web interface. A remote attacker could exploit this by supplying specially crafted input to the parameter at the web interface of the targeted system. Successful exploitation could allow the attacker to perform stored XSS attacks on the targeted system. **Recommendations** For Skyworth Router CM5100 version 4.1.1.24, consider disabling access to the Local endpoint settings at the web interface until a patch is available. Restrict access to the `Identity` parameter to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Skyworth Router CM5100 version 4.1.1.24 **Description** This issue exists due to insufficient validation of user-supplied input for the `Pre-shared key` parameter at the web interface. A remote attacker could exploit this by supplying specially crafted input to the parameter, potentially allowing them to perform stored XSS attacks on the targeted system. **Recommendations** For Skyworth Router CM5100 version 4.1.1.24, consider disabling access to the web interface until a patch is available to prevent exploitation. Restrict access to the `Pre-shared key` parameter to minimize the risk of stored XSS attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Skyworth Router CM5100 version 4.1.1.24 **Description** The issue exists due to insufficient validation of user-supplied input for the `L2TP/PPTP Username` parameter at the web interface. A remote attacker could exploit this by supplying specially crafted input to the parameter, potentially allowing them to perform stored XSS attacks on the targeted system. **Recommendations** For Skyworth Router CM5100 version 4.1.1.24, consider disabling the `L2TP/PPTP Username` parameter at the web interface until a patch is available. Restrict access to the web interface to minimize the risk of exploitation. Avoid using the `L2TP/PPTP Username` parameter in the affected web interface until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Skyworth Router CM5100 version 4.1.1.24 **Description** The issue exists due to insufficient validation of user-supplied input for the `Preshared Phrase` parameter at the web interface. A remote attacker could exploit this by supplying specially crafted input to the parameter, potentially allowing stored XSS attacks on the targeted system. **Recommendations** For Skyworth Router CM5100 version 4.1.1.24, consider disabling access to the web interface until a patch is available, or restrict input for the `Preshared Phrase` parameter to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Skyworth Router CM5100 version 4.1.1.24 **Description** This issue exists due to insufficient validation of user-supplied input for the `Network Name (SSID)` parameter at the web interface. A remote attacker could exploit this by supplying specially crafted input to the parameter, allowing them to perform stored XSS attacks on the targeted system. **Recommendations** For Skyworth Router CM5100 version 4.1.1.24, consider disabling the web interface or restricting access to it until a patch is available. Avoid using the `Network Name (SSID)` parameter in the affected web interface until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Skyworth Router CM5100 version 4.1.1.24 **Description** This issue exists due to insufficient validation of user-supplied input for the `Device Name` parameter at the web interface. A remote attacker could exploit this by supplying specially crafted input to the parameter, allowing them to perform stored XSS attacks on the targeted system. **Recommendations** For Skyworth Router CM5100 version 4.1.1.24, as a temporary workaround, consider restricting access to the web interface or validating user input for the `Device Name` parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Skyworth Router CM5100 version 4.1.1.24 **Description** This issue exists due to the transmission of authentication credentials in plaintext over the network. A remote attacker could exploit this by eavesdropping on the victim’s network traffic to extract the `username` and `password` from the web interface (Login Page) of the targeted system. **Recommendations** For Skyworth Router CM5100 version 4.1.1.24, consider disabling the login functionality over the network until a patch is available to prevent the transmission of credentials in plaintext. Restrict access to the web interface to minimize the risk of exploitation. Avoid using the vulnerable login page until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Skyworth Router CM5100 version 4.1.1.24 **Description** This issue exists due to the transmission of authentication credentials in plaintext over the network. A remote attacker could exploit this by eavesdropping on the victim’s network traffic to extract the `username` and `password` from the web interface, specifically the Password Reset Page, of the targeted system. **Recommendations** For Skyworth Router CM5100 version 4.1.1.24, consider disabling the Password Reset Page functionality until a patch is available to prevent exploitation. Restrict access to the web interface to minimize the risk of eavesdropping and credential extraction.

**Name of the Vulnerable Software and Affected Versions** Skyworth Router CM5100 version 4.1.1.24 **Description** This issue is due to insufficient validation of user-supplied input for the `Add Downstream Frequency` parameter at the web interface. A remote attacker could exploit this by supplying specially crafted input to the parameter, potentially allowing a Denial of Service (DoS) attack on the targeted system. **Recommendations** For Skyworth Router CM5100 version 4.1.1.24, consider restricting access to the web interface or limiting input for the `Add Downstream Frequency` parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Skyworth Router CM5100 version 4.1.1.24 **Description** This issue is due to insufficient validation of user-supplied input for the `Set Upstream Channel ID (UCID)` parameter at the web interface. A remote attacker could exploit this by supplying specially crafted input to the parameter, potentially allowing them to perform a Denial of Service (DoS) attack on the targeted system. **Recommendations** For Skyworth Router CM5100 version 4.1.1.24, consider restricting access to the web interface to minimize the risk of exploitation. As a temporary workaround, avoid using the `Set Upstream Channel ID (UCID)` parameter until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Skyworth Router CM5100 version 4.1.1.24 **Description** This issue is due to insufficient validation of user-supplied input for the `Traceroute` parameter at the web interface. A remote attacker could exploit this by supplying specially crafted input to the parameter, allowing them to perform stored XSS attacks on the targeted system. **Recommendations** For Skyworth Router CM5100 version 4.1.1.24, consider disabling access to the `Traceroute` parameter at the web interface until a patch is available to prevent exploitation. Restrict access to the web interface to minimize the risk of stored XSS attacks.

**Name of the Vulnerable Software and Affected Versions** Skyworth Router CM5100 version 4.1.1.24 **Description** This issue exists due to insufficient validation of user-supplied input for the `Time Server 1` parameter at the web interface. A remote attacker could exploit this by supplying specially crafted input to the parameter, allowing them to perform stored XSS attacks on the targeted system. **Recommendations** For Skyworth Router CM5100 version 4.1.1.24, consider disabling access to the `Time Server 1` parameter at the web interface until a patch is available. Restricting user input validation for this parameter can also help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Skyworth Router CM5100 version 4.1.1.24 **Description** The issue exists due to insufficient validation of user-supplied input for the `Time Server 2` parameter at the web interface. A remote attacker could exploit this by supplying specially crafted input to the parameter, allowing them to perform stored XSS attacks on the targeted system. **Recommendations** For Skyworth Router CM5100 version 4.1.1.24, consider disabling access to the `Time Server 2` parameter at the web interface until a patch is available. Restricting user input validation for this parameter can also help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Skyworth Router CM5100 version 4.1.1.24 **Description** This issue exists due to insufficient validation of user-supplied input for the `Time Server 3` parameter at the web interface. A remote attacker could exploit this by supplying specially crafted input to the parameter, allowing them to perform stored XSS attacks on the targeted system. **Recommendations** For Skyworth Router CM5100 version 4.1.1.24, consider disabling access to the `Time Server 3` parameter at the web interface until a patch is available to prevent exploitation. Additionally, restrict access to the web interface to minimize the risk of remote attackers supplying specially crafted input. At the moment, there is no information about a newer version that contains a fix for this vulnerability.