Maayan Fishelov

**Name of the Vulnerable Software and Affected Versions** Canon MF237w version 06.07 **Description** An issue in the IPv4/ICMPv4 component may expose sensitive information when handling a packet sent by an unauthenticated network attacker due to improper handling of length parameter inconsistency. **Recommendations** For Canon MF237w version 06.07, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Moxa NPort 5150A versions 1.5 and earlier **Description** The issue allows attackers to obtain sensitive configuration values via a crafted packet to UDP port 4800. This is related to the Moxa Service, which is an unauthenticated service that runs upon a first-time installation but can be disabled without ill effect. The vulnerability is associated with security mechanism shortcomings, potentially allowing a remote attacker to gain unauthorized access to protected information. **Recommendations** For Moxa NPort 5150A versions 1.5 and earlier, consider disabling the Moxa Service to minimize the risk of exploitation, as it can be disabled without ill effect.