Mandar Jadhav

**Name of the Vulnerable Software and Affected Versions** ACTi cameras including the D, B, I, and E series version A1D-500-V6.11.31-AC **Description** The web application in the affected cameras uses the GET method to process requests containing sensitive information, such as `user account name` and `password`. This can expose the sensitive information through the browser's history, referrers, web logs, and other sources. **Recommendations** For version A1D-500-V6.11.31-AC, consider changing the request method from GET to POST to prevent sensitive information from being exposed in the browser's history and web logs. As a temporary workaround, restrict access to the web application to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** MRD-305-DIN versions prior to 1.7.5.0 MRD-315 versions prior to 1.7.5.0 MRD-355 versions prior to 1.7.5.0 MRD-455 versions prior to 1.7.5.0 **Description** A Use of Hard-Coded Cryptographic Key issue was discovered, where the device utilizes hard-coded private cryptographic keys. This may allow an attacker to decrypt traffic from any other source. **Recommendations** For MRD-305-DIN versions prior to 1.7.5.0, update to version 1.7.5.0 or later. For MRD-315 versions prior to 1.7.5.0, update to version 1.7.5.0 or later. For MRD-355 versions prior to 1.7.5.0, update to version 1.7.5.0 or later. For MRD-455 versions prior to 1.7.5.0, update to version 1.7.5.0 or later.

**Name of the Vulnerable Software and Affected Versions** ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC **Description** The issue is related to the use of non-random default credentials across all devices. A remote attacker can take complete control of a device using default admin credentials. This allows an attacker to gain access to the device with admin rights. **Recommendations** For ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC, change the default admin credentials to unique and strong passwords to prevent unauthorized access.

**Name of the Vulnerable Software and Affected Versions** ACTi cameras versions A1D-500-V6.11.31-AC **Description** The issue is related to inadequate access control in the firmware of ACTi cameras, which can be exploited by a remote attacker. By directly accessing the "http://x.x.x.x/setup/setup maintain firmware-default.html" page, an attacker can perform a factory reset on the device. This can lead to a denial of service condition or allow the attacker to access the device using default credentials. **Recommendations** For version A1D-500-V6.11.31-AC, consider restricting access to the factory reset page as a temporary workaround until a patch is available. Avoid using the default credentials in the affected API endpoint until the issue is resolved. As a mitigation measure, restrict access to the `setup maintain firmware-default.html` page to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** NETGEAR D3600 versions 1.0.0.49 and earlier NETGEAR D6000 versions 1.0.0.49 and earlier **Description** The issue allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a hardcoded private key from another installation. This is possible because the same private key is used across different customers' installations. **Recommendations** For NETGEAR D3600 version 1.0.0.49 and earlier, consider updating the firmware to a version that does not use a hardcoded private key. For NETGEAR D6000 version 1.0.0.49 and earlier, consider updating the firmware to a version that does not use a hardcoded private key. As a temporary workaround, restrict access to the device to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** NETGEAR D3600 version 1.0.0.49 NETGEAR D6000 versions 1.0.0.49 and earlier **Description** The issue concerns the password-recovery feature, which allows remote attackers to discover the cleartext administrator password by reading the HTML source code of the "cgi-bin/passrec.asp" page. **Recommendations** For NETGEAR D3600 version 1.0.0.49, update the firmware to a version that fixes this issue. For NETGEAR D6000 versions 1.0.0.49 and earlier, update the firmware to a version that fixes this issue. As a temporary workaround, consider restricting access to the cgi-bin/passrec.asp page until a patch is available.