Leo Yu

**Name of the Vulnerable Software and Affected Versions** Multisuns EasyLog web+ (affected versions not specified) **Description** The issue is related to the use of hard-coded credentials in Multisuns EasyLog web+. A remote attacker can exploit this to access the system, perform arbitrary system operations, or disrupt service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Multisuns EasyLog web+ (affected versions not specified) **Description** The issue is related to a path traversal vulnerability within a specific parameter in a URL. This allows an unauthenticated remote attacker to bypass authentication and download arbitrary system files. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Multisuns EasyLog web+ (affected versions not specified) **Description** The issue is related to incorrect code generation management in the software. It allows an unauthenticated remote attacker to exploit the code injection vulnerability, enabling them to inject code and access the system. This access can be used to perform arbitrary system operations or disrupt service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.