Leommxj

**Name of the Vulnerable Software and Affected Versions** Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers (affected versions not specified) **Description** The issue is related to multiple vulnerabilities in the Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers, which could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. The vulnerability of the Open Plug and Play (PnP) module is associated with errors in processing input data, allowing a remote attacker to execute arbitrary commands in the base operating system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Open5GS versions prior to 2.3.7 **Description** A buffer overflow issue exists, allowing remote attackers to cause a Denial of Service via a crafted sbi request. **Recommendations** For versions prior to 2.3.7, update to version 2.3.7 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Open5GS versions prior to 2.3.6 **Description** A null pointer dereference issue exists, allowing remote attackers to cause a Denial of Service via a crafted sbi request to amf. **Recommendations** For versions prior to 2.3.6, update to a version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** FreeBSD versions 11.4 through 11.4-RELEASE before p10 FreeBSD versions 12.2 through 12.2-RELEASE before p7 FreeBSD versions 13.0 through 13.0-RELEASE before p1 **Description** The issue exists due to insufficient input validation in the libradius service of the FreeBSD operating system. This can be exploited by a remote attacker to cause a denial of service. **Recommendations** For versions 11.4 through 11.4-RELEASE before p10, update to a version after p10. For versions 12.2 through 12.2-RELEASE before p7, update to a version after p7. For versions 13.0 through 13.0-RELEASE before p1, update to a version after p1.

Name of the Vulnerable Software and Affected Versions: accel-ppp (affected versions not specified) Description: A variable underflow exists in the radius/packet.c file of accel-ppp when receiving a RADIUS vendor-specific attribute with a length field less than 2. This issue can lead to arbitrary code execution, but only when the attacker controls the RADIUS server. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907. **Description** The issue is a command injection vulnerability that could allow remote attackers to execute arbitrary commands if exploited. **Recommendations** For QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907, update to version 4.4.3.1421 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907. **Description** The issue is a command injection vulnerability that could allow remote attackers to execute arbitrary commands if exploited. **Recommendations** For QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907, update to version 4.4.3.1421 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** ACCEL-PPP (affected versions not specified) **Description** A buffer overflow issue occurs when receiving an L2TP control packet with an AVP of type string and no hidden flags, where the length is set to less than 6. This issue is particularly concerning for applications used in open networks or those with untrusted nodes. **Recommendations** Apply the patch from commit 2324bcd5ba12cf28f47357a8f03cd41b7c04c52b to resolve the issue. As a temporary workaround, changes from commit 2324bcd5ba12cf28f47357a8f03cd41b7c04c52b can be applied to older versions.

**Name of the Vulnerable Software and Affected Versions** libIEC61850 versions prior to 1.4.3 **Description** The issue occurs when a message with a COTP message length field with a value less than 4 is received, leading to an integer underflow and potentially a heap buffer overflow. This can cause an application crash or, on some platforms, even the execution of remote code. The risk is higher if the application is used in open networks or if there are untrusted nodes in the network. **Recommendations** For versions prior to 1.4.3, upgrade to version 1.4.3 when available. As a temporary workaround, changes from commit 033ab5b can be applied to older versions.