Ireading

**Name of the Vulnerable Software and Affected Versions** Teledyne FLIR AX8 versions up to 1.46.16 **Description** A critical vulnerability has been found in the Web Service Handler component of the affected software. The issue is related to an unknown function of the file palette.php, where the manipulation of the `palette` argument leads to command injection. This allows for remote attacks. **Recommendations** For versions up to 1.46.16, consider disabling the Web Service Handler component or restricting access to the palette.php file until a patch is available. As a temporary workaround, avoid using the `palette` argument in the affected Web Service Handler until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** C-DATA Web Management System (affected versions not specified) **Description** A critical issue affects the C-DATA Web Management System, specifically the file `cgi-bin/jumpto.php` of the component GET Parameter Handler. The manipulation of the `hostname` argument leads to argument injection. This issue can be exploited remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Sapido BR270n (affected versions not specified) Sapido BRC76n (affected versions not specified) Sapido GR297 (affected versions not specified) Sapido RB1732 (affected versions not specified) **Description** A critical issue affects some unknown functionality of the file `ip/syscmd.htm`, leading to os command injection. The attack can be launched remotely. **Recommendations** For Sapido BR270n, consider restricting access to the file `ip/syscmd.htm` to minimize the risk of exploitation. For Sapido BRC76n, consider restricting access to the file `ip/syscmd.htm` to minimize the risk of exploitation. For Sapido GR297, consider restricting access to the file `ip/syscmd.htm` to minimize the risk of exploitation. For Sapido RB1732, consider restricting access to the file `ip/syscmd.htm` to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.