Matthias Zoellner

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 108 Thunderbird versions prior to 102.6.1 Firefox ESR versions prior to 102.6 **Description** The issue is related to a file's filename being truncated, potentially leading to user confusion and the execution of malicious code. This could allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. The vulnerability is associated with the concealment of important security information. **Recommendations** For Firefox versions prior to 108, update to version 108 or later. For Thunderbird versions prior to 102.6.1, update to version 102.6.1 or later. For Firefox ESR versions prior to 102.6, update to version 102.6 or later.

**Name of the Vulnerable Software and Affected Versions** LANCOM R&S Unified Firewall (UF) devices version 10.5 **Description** The issue allows Relative Path Traversal. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** For version 10.5, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Airleader Master versions <= 6.21 **Description** The issue allows remote code execution due to default credentials that can be used to access the exposed Tomcat Manager for deployment of a new .war file. **Recommendations** For Airleader Master versions <= 6.21, change the default credentials to secure ones and restrict access to the Tomcat Manager to minimize the risk of exploitation.