Floris Hendriks

**Name of the Vulnerable Software and Affected Versions** INEA ME RTU firmware versions 3.36b and prior **Description** The issue is related to operating system command injection, which could allow remote code execution. This is due to the lack of measures to neutralize special elements used in the operating system command. Exploitation of the issue may allow a remote attacker to execute arbitrary operating system commands. **Recommendations** For INEA ME RTU firmware versions 3.36b and prior, update to a version later than 3.36b to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** INEA ME RTU firmware versions 3.36b and prior **Description** The issue is related to inadequate authentication procedures in the INEA ME RTU firmware, which could allow an attacker to gain unauthorized access to the device. Specifically, versions of the firmware do not require authentication to the "root" account on the host system, potentially enabling an attacker to obtain admin-level access. This could be exploited by a remote attacker. **Recommendations** For INEA ME RTU firmware versions 3.36b and prior, consider implementing additional authentication measures to secure the "root" account on the host system until a patch is available. As a temporary workaround, restrict access to the device to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Wago products (affected versions not specified) **Description** The issue allows a remote attacker with administrative privileges to access files through an undocumented local file inclusion. This access is logged in a different log file than expected. The vulnerability is related to errors in processing hypertext links and can allow an attacker to gain unauthorized access to protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TBox RTUs (affected versions not specified) **Description** The issue concerns TBox RTUs that run OpenVPN with root privileges and are capable of executing user-defined configuration scripts. An attacker can set up a local OpenVPN server and push a malicious script to the TBox host, potentially acquiring root privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TWinSoft Configuration Tool (affected versions not specified) **Description** The issue concerns the storage of encrypted passwords as plaintext in memory by the TWinSoft Configuration Tool. An attacker with access to system files could load a document into memory, gaining access to sensitive information, including passwords. The attacker could then use a memory viewer to obtain the plaintext password. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TBox RTUs (affected versions not specified) **Description** The issue concerns the use of MD5 encryption for storing hashed passwords in TBox RTUs, which is considered an insecure encryption algorithm. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TBox RTUs (affected versions not specified) **Description** The affected TBox RTUs generate software security tokens using insufficient entropy. The random seed used to generate the software tokens is not initialized correctly, and other parts of the token are generated using predictable time-based values. An attacker with this knowledge could successfully brute force the token and authenticate themselves. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TBox RTUs (affected versions not specified) **Description** The issue allows low privilege users to access software security tokens of higher privilege. This could enable an attacker with `user` privileges to access files requiring higher privileges by establishing an SSH session and providing the other tokens. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TBox RTUs (affected versions not specified) **Description** The issue concerns missing authorization for running certain API commands, which could allow an attacker to reveal sensitive information, including software versions and web server file contents. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** INEA ME RTU versions prior to 3.36 **Description** The issue exists due to the lack of measures to neutralize special elements used in the operating system command. This could allow a remote attacker to execute arbitrary code. The estimated number of potentially affected devices is not provided. **Recommendations** For versions prior to 3.36, update to version 3.36 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable firmware to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Control By Web X-400 devices (affected versions not specified) **Description** The issue concerns a cross-site scripting attack that could result in private and session information being transferred to the attacker. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Control By Web X-600M (affected versions not specified) **Description** The issue is related to code injection in Lua scripts, which could allow an attacker to remotely execute arbitrary code. This is due to errors in code generation. The exploitation of this issue may enable a remote attacker to execute arbitrary code by running Lua scripts. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.