Kaustubh G. Padwad

**Name of the Vulnerable Software and Affected Versions** ClickBank Affiliate Ads WordPress plugin versions 1.20 and earlier **Description** The issue allows high privilege users to perform Cross-Site Scripting attacks due to the plugin not escaping its settings, even when the unfiltered html is disallowed. **Recommendations** For ClickBank Affiliate Ads WordPress plugin versions 1.20 and earlier, update to a version later than 1.20 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** ClickBank Affiliate Ads WordPress plugin versions 1.20 and earlier **Description** The issue arises from the lack of a CSRF check when saving settings, allowing an attacker to manipulate a logged-in admin into changing them via a CSRF attack. Additionally, the lack of escaping when outputting settings can lead to Stored Cross-Site Scripting issues. **Recommendations** For ClickBank Affiliate Ads WordPress plugin versions 1.20 and earlier, update to a version that includes a CSRF check and proper escaping of output settings to prevent these issues. As a temporary workaround, consider restricting access to the settings page to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Skyworth Digital Technology RN510 version 3.1.0.4 Description: The issue is related to an incorrect access control vulnerability in the /cgi-bin/test version.asp endpoint. If Wi-Fi is connected and an unauthenticated user visits a specific URL, the SSID password and web UI password may be disclosed. Recommendations: For Skyworth Digital Technology RN510 version 3.1.0.4, as a temporary workaround, consider restricting access to the /cgi-bin/test version.asp endpoint until a patch is available. Avoid using this endpoint with unauthenticated users to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Skyworth Digital Technology RN510 version 3.1.0.4 Description: The issue is related to a buffer overflow in the `/cgi-bin/app-staticIP.asp` endpoint. An authenticated attacker can send a specially crafted request to this endpoint, potentially leading to a denial of service (DoS) or possible code execution on the device. Recommendations: For Skyworth Digital Technology RN510 version 3.1.0.4, as a temporary workaround, consider restricting access to the `/cgi-bin/app-staticIP.asp` endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Skyworth Digital Technology RN510 version 3.1.0.4 Description: The issue is related to a cross-site request forgery (CSRF) vulnerability in the /cgi-bin/net-routeadd.asp and /cgi-bin/sec-urlfilter.asp API endpoints. This vulnerability can lead to XSRF due to missing CSRF protection, and these pages are also vulnerable to cross-site scripting (XSS). Recommendations: For Skyworth Digital Technology RN510 version 3.1.0.4, consider disabling access to the /cgi-bin/net-routeadd.asp and /cgi-bin/sec-urlfilter.asp API endpoints until a patch is available. Restricting access to these endpoints can help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Unibox SMB version 2.4 UniBox Enterprise Series version 2.4 UniBox Campus Series version 2.4 Description: The issue is related to a cross-site request forgery (CSRF) vulnerability. This vulnerability can be exploited through specially crafted HTTP requests to certain API endpoints, potentially allowing reconfiguration of the device. The affected endpoints include "/tools/network-trace", "/list users", "/list byod?usertype=raduser", "/dhcp leases", and "/go?rid=202". Recommendations: For Unibox SMB version 2.4, consider restricting access to the vulnerable API endpoints until a patch is available. For UniBox Enterprise Series version 2.4, avoid using the vulnerable endpoints, such as "/tools/network-trace" and "/list users", to minimize the risk of exploitation. For UniBox Campus Series version 2.4, as a temporary workaround, consider disabling access to the "/list byod?usertype=raduser" and "/dhcp leases" endpoints. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOTBGN1 version not specified Shenzhen Skyworth DT721-cb SDOTBGN1 version not specified Shenzhen Skyworth DT741-cb SDOTBGN1 version not specified **Description** An issue was discovered that allows remote attackers to cause a denial of service or achieve unauthenticated remote code execution. This is possible due to control of certain registers when a long password is passed to the Web passwd function. **Recommendations** For Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOTBGN1, consider restricting access to the Web passwd function until a fix is available. For Shenzhen Skyworth DT721-cb SDOTBGN1, consider restricting access to the Web passwd function until a fix is available. For Shenzhen Skyworth DT741-cb SDOTBGN1, consider restricting access to the Web passwd function until a fix is available. At the moment, there is no information about a newer version that contains a fix for this issue.