Harkenzo

**Name of the Vulnerable Software and Affected Versions** Unified Remote (affected versions not specified) **Description** The web management interface for Unified Intents' Unified Remote solution does not require authentication, allowing a remote, unauthenticated attacker to change or disable authentication requirements for the Unified Remote protocol. This can be leveraged to run code of the attacker's choosing. The issue is related to an incorrect authorization procedure in the web management interface. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.