Erik De Jong

**Name of the Vulnerable Software and Affected Versions** Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.8.5)C0 **Description** A post-authentication command injection issue exists in the diagnostic function of the Zyxel VMG8825-T50K firmware, specifically in the `DNSServer` parameter. This could allow an authenticated attacker with administrator privileges to execute operating system commands on a vulnerable device. **Recommendations** For Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.8.5)C0, consider restricting access to the diagnostic function until a patch is available. As a temporary workaround, limit the use of the `DNSServer` parameter to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0 Description: The issue is related to a post-authentication command injection vulnerability in the `host` parameter of the diagnostic function. This vulnerability could allow an authenticated attacker with administrator privileges to execute operating system commands on a vulnerable device. The vulnerability is due to the lack of measures to neutralize special elements used in the operating system command. Recommendations: For Zyxel VMG4005-B50A firmware versions through V5.15(ABQA.2.2)C0, consider disabling the diagnostic function temporarily until a patch is available. Restrict access to the `host` parameter in the diagnostic function to minimize the risk of exploitation. Avoid using the `host` parameter in the affected diagnostic function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Music Station versions prior to 5.3.22 **Description** A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network. **Recommendations** For Music Station versions prior to 5.3.22, update to version 5.3.22 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Music Station versions prior to 5.3.22 **Description** A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network. **Recommendations** For versions prior to 5.3.22, update to Music Station 5.3.22 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: HPE iLO Amplifier Pack versions 1.80, 1.81, 1.90, and 1.95 Description: A remote unauthenticated directory traversal security issue has been identified. This issue could be remotely exploited to allow an unauthenticated user to run arbitrary code, leading to complete impact on confidentiality, integrity, and availability of the iLO Amplifier Pack appliance. Recommendations: For HPE iLO Amplifier Pack versions 1.80, 1.81, 1.90, and 1.95, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Nozomi Networks Guardian versions 20.0.7.3 and prior versions Nozomi Networks CMC versions 20.0.7.3 and prior versions **Description** A Path Traversal issue exists when changing the timezone using the web GUI, allowing an authenticated administrator to read protected system files. **Recommendations** For Nozomi Networks Guardian versions 20.0.7.3 and prior versions, consider disabling the timezone change functionality in the web GUI until a patch is available. For Nozomi Networks CMC versions 20.0.7.3 and prior versions, consider disabling the timezone change functionality in the web GUI until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Nozomi Networks Guardian versions 20.0.7.3 and prior versions Nozomi Networks CMC versions 20.0.7.3 and prior versions **Description** The issue is an OS Command Injection vulnerability that occurs when changing date settings or hostname using the web GUI of Nozomi Networks Guardian and CMC. This allows authenticated administrators to perform remote code execution. **Recommendations** For Nozomi Networks Guardian versions 20.0.7.3 and prior versions, update to a version that fixes this issue. For Nozomi Networks CMC versions 20.0.7.3 and prior versions, update to a version that fixes this issue. As a temporary workaround, consider restricting access to the web GUI for changing date settings or hostname until a patch is available.