Giles-One

**Name of the Vulnerable Software and Affected Versions** spimsimulator spim versions prior to 9.1.24 **Description** spimsimulator spim versions prior to 9.1.24 are susceptible to a buffer overflow in the `READ SYSCALL` and `WRITE SYSCALL` system calls. The application’s verification of starting and ending addresses for memory read/write operations can be bypassed by configuring these addresses to point to different memory segments within the virtual machine. **Recommendations** Update spimsimulator spim to version 9.1.24 or later.

Name of the Vulnerable Software and Affected Versions: spim versions prior to 9.1.24 Description: spimsimulator spim is susceptible to a buffer overflow in the `READ STRING SYSCALL` function. Recommendations: Update to a version newer than 9.1.24.

Name of the Vulnerable Software and Affected Versions: mupen64plus version 2.6.0 Description: An array overflow issue exists in the `write rdram regs` and `write rdram regs` functions, potentially allowing for the execution of arbitrary commands on the host machine. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** sunniwell HT3300 versions before 1.0.0.B022.2 **Description** The issue concerns insecure permissions in the sunniwell HT3300 device, specifically with the /usr/local/bin/update program, which is used for software updates and has the execution mode of sudo NOPASSWD. This program is vulnerable to a command injection vulnerability, allowing an attacker to pass commands via command line arguments to gain elevated root privileges. **Recommendations** For sunniwell HT3300 versions before 1.0.0.B022.2, update to version 1.0.0.B022.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the /usr/local/bin/update program to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** DrayTek Vigor2960 version 1.4.4 **Description** An authorized remote code execution vulnerability exists due to the lack of neutralization of special elements used in the operating system command. This allows an attacker to execute arbitrary code by injecting a specially crafted command into the `table` parameter of the `doPPPoE` function in the "cgi-bin/mainfunction.cgi" route, which is then executed by the system function. Over 52,000 results have been found on a search engine, indicating a potentially large number of affected devices. **Recommendations** For DrayTek Vigor2960 version 1.4.4, as a temporary workaround, consider disabling the `doPPPoE` function in the "cgi-bin/mainfunction.cgi" route until a patch is available. Restrict access to the `cgi-bin/mainfunction.cgi` route to minimize the risk of exploitation. Avoid using the `table` parameter in the affected route until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FAST FW300R version 1.3.13 Build 141023 Rel.61347n **Description** A stack overflow in FAST FW300R allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted file path. **Recommendations** For version 1.3.13 Build 141023 Rel.61347n, upgrade to version 1.3.14 or later to remediate the issue. As a temporary workaround, consider restricting access to the vulnerable component until a patch is available.