Marcel Rick-Cen

**Name of the Vulnerable Software and Affected Versions** The product name cannot be determined. (affected versions not specified) **Description** A high-privileged remote attacker can execute arbitrary OS commands by exploiting an undocumented method that allows escaping the implemented LUA sandbox. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IXON B.V. IXrouter IX2400 (Industrial Edge Gateway) version 3.0 **Description** The issue concerns hardcoded root credentials stored in the non-volatile flash memory. This allows physically proximate attackers to gain root access via UART or SSH. **Recommendations** For version 3.0, consider changing the hardcoded root credentials to unique, secure credentials to prevent unauthorized access. As a temporary workaround, restrict physical access to the device and limit SSH and UART connections to trusted sources until a patch is available.