Larry Cashdollar

**Name of the Vulnerable Software and Affected Versions** Vivotek devices versions 0100a through 012502 **Description** The affected devices contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') issue. This allows for potential OS Command Injection through the `upload map.cgi` component. The issue affects multiple Vivotek camera models, potentially serving as pivot points for further network compromise. The vulnerability allows for remote code execution. **Recommendations** Update devices with firmware versions prior to 0100a. Update devices with firmware versions prior to 0106a. Update devices with firmware versions prior to 0106b. Update devices with firmware versions prior to 0107a. Update devices with firmware versions prior to 0107b 1. Update devices with firmware versions prior to 0109a. Update devices with firmware versions prior to 0112a. Update devices with firmware versions prior to 0113a. Update devices with firmware versions prior to 0113d. Update devices with firmware versions prior to 0117b. Update devices with firmware versions prior to 0119e. Update devices with firmware versions prior to 0120b. Update devices with firmware versions prior to 0121. Update devices with firmware versions prior to 0121d. Update devices with firmware versions prior to 0121d 48573 1. Update devices with firmware versions prior to 0122e. Update devices with firmware versions prior to 0124d 48573 1. Update devices with firmware versions prior to 012501. Update devices with firmware versions prior to 012502.

**Name of the Vulnerable Software and Affected Versions** AVTECH AVM1203 versions prior to the latest supported version AVTECH IP cameras (affected versions not specified) **Description** The issue is related to a command injection vulnerability found in the brightness function of AVTECH closed-circuit television (CCTV) cameras, allowing for remote code execution (RCE) without authentication. This vulnerability has been exploited by the Mirai botnet to spread malware. Approximately 4,386,526 potentially vulnerable devices have been identified. The vulnerability has been actively exploited since at least 2019, but it wasn’t formally recognized until August 2024. **Recommendations** For AVTECH AVM1203 versions prior to the latest supported version: Consider replacing the device with a newer model that receives regular security updates. For AVTECH IP cameras (affected versions not specified): Update the firmware to the latest version, if available, and ensure that all devices are properly configured and secured to prevent exploitation. As a temporary workaround, consider disabling the brightness function or restricting access to the camera's network interface until a patch is available.

**Name of the Vulnerable Software and Affected Versions** QNAP VioStor NVR models running QVR Firmware versions prior to 5.0.0 **Description** An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models. If exploited, the vulnerability could allow authenticated users to execute commands via a network. The vulnerability exists due to the lack of measures to neutralize special elements. It is reported that the vulnerability has been exploited in the wild. Approximately 27,804 devices are potentially affected, mainly distributed in Japan, Mexico, and other countries. **Recommendations** For QVR Firmware versions prior to 5.0.0, update to QVR Firmware 5.0.0 or later to resolve the issue. As a temporary workaround, consider restricting network access to the vulnerable devices until a patch is applied. Avoid using the vulnerable QVR Firmware versions until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** FXC AE1021 firmware version 2.0.9 and earlier FXC AE1021PE firmware version 2.0.9 and earlier **Description** An OS command injection vulnerability exists, allowing an attacker who can log in to the product to execute arbitrary OS commands. The vulnerability is related to the lack of measures to neutralize special elements used in the OS command. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary commands. New botnet malware has been found to exploit this flaw in routers. **Recommendations** For FXC AE1021 firmware version 2.0.9 and earlier, update to a version later than 2.0.9 to resolve the issue. For FXC AE1021PE firmware version 2.0.9 and earlier, update to a version later than 2.0.9 to resolve the issue. As a temporary workaround, consider restricting access to the product to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Thumbshooter gem version 0.1.5 **Description** The issue allows remote attackers to execute arbitrary commands via shell metacharacters in a URL, specifically in the lib/thumbshooter.rb file of the Thumbshooter gem for Ruby. **Recommendations** For version 0.1.5, consider updating to a newer version that contains a fix for this issue, as using shell metacharacters in a URL can lead to arbitrary command execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** htpasswd versions 2.25b and earlier **Description** The issue allows local users to gain privileges via shell metacharacters in a command line argument, which is used in a call to the system function. This could potentially be exploited in configurations where htpasswd is used with sudo privileges or accessed remotely. **Recommendations** For htpasswd version 2.25b and earlier, consider restricting the use of command line options to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using htpasswd with sudo privileges or remote access to reduce the risk of privilege escalation.