Juliourena

**Name of the Vulnerable Software and Affected Versions** Apeman ID71 version EN75.8.53.20 **Description** A flaw exists in Apeman ID71 EN75.8.53.20, specifically within an unknown function of the `/set alias.cgi` file. Manipulation of the `alias` argument can lead to cross site scripting. This issue is remotely exploitable, and details about the exploit have been publicly disclosed. The vendor was informed of this disclosure but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Apeman ID71 version 218.53.203.117 **Description** A security issue exists in the ONVIF Service component of Apeman ID71. Specifically, a manipulation of an unknown function within the `/onvif/device service` file results in missing authentication. This allows for remote exploitation. The exploit has been publicly released, and the vendor was notified but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Apeman ID71 (affected versions not specified) **Description** A security flaw exists in Apeman ID71 that involves hard-coded credentials. This allows for remote takeover of the device. The vulnerability resides in unknown code within the `/system/www/system.ini` file. The exploit for this issue has been publicly released. The vendor was notified but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.