Max De Dumast

**Name of the Vulnerable Software and Affected Versions** Safescan Timemoto and TA-8000 series version 1.0 **Description** The issue allows unauthenticated remote attackers to execute code via the administrative API. This is a result of a Directory Traversal vulnerability. **Recommendations** For Safescan Timemoto and TA-8000 series version 1.0, consider restricting access to the administrative API until a patch is available. As a temporary workaround, limit the execution of code via the API to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Safescan Timemoto TM-616 and TA-8000 series (affected versions not specified) **Description** The issue concerns incorrect access control, allowing remote attackers to read any file via the administrative API. This could potentially lead to unauthorized access to sensitive information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.