Mohamed Maatallah

Name of the Vulnerable Software and Affected Versions: polkit (affected versions not specified) Description: A flaw exists in polkit where processing an XML policy with 32 or more nested elements in depth can trigger an out-of-bounds write. This can lead to a crash or unexpected behavior, with the possibility of arbitrary code execution. Exploitation requires a high-privilege account to place a malicious policy file. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TOZED ZLT W51 versions up to 1.4.2 **Description** A critical issue affects some unknown functionality of the component Service Port 7777, leading to improper clearing of heap memory before release. This can be exploited remotely. The exploit has been disclosed to the public. The vendor was contacted about this disclosure but did not respond. **Recommendations** For TOZED ZLT W51 versions up to 1.4.2, as a temporary workaround, consider restricting access to Service Port 7777 until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GNU Coreutils (affected versions not specified) **Description** A flaw was found in the sort utility's begfield() function, which is vulnerable to a heap buffer under-read. This issue may cause the program to access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** iputils versions through 20240905 **Description** The issue allows for a denial of service, resulting in application error or incorrect data collection, via a crafted ICMP Echo Reply packet. This is caused by a signed 64-bit integer overflow in timestamp multiplication. **Recommendations** For versions through 20240905, as a temporary workaround, consider restricting the handling of ICMP Echo Reply packets to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: TP-Link VN020 F3v(T) version TT V6.2.1021 Description: A critical vulnerability has been found in the TP-Link VN020 F3v(T) router. The issue is related to the SOAP Request Handler component, specifically an unknown function of the file /control/WANIPConnection. The manipulation of the `NewConnectionType` argument leads to a buffer overflow. The attack must be performed within the local network. The exploit has been disclosed to the public and may be used. This vulnerability can be exploited by an attacker to cause a denial of service. Recommendations: For TP-Link VN020 F3v(T) version TT V6.2.1021, as a temporary workaround, consider disabling the SOAP Request Handler component until a patch is available. Restrict access to the /control/WANIPConnection file to minimize the risk of exploitation. Avoid using the `NewConnectionType` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: TP-Link VN020 F3v(T) TT V6.2.1021 Description: A critical issue was found in the FTP USER Command Handler component of the TP-Link VN020 F3v(T) router, affecting an unknown part of this component. The manipulation of this issue leads to memory corruption and can be initiated remotely. Recommendations: For TP-Link VN020 F3v(T) TT V6.2.1021, as a temporary workaround, consider disabling the FTP USER Command Handler until a patch is available. Restrict access to the FTP service to minimize the risk of exploitation. Avoid using the FTP protocol until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: TP-Link VN020 F3v(T) version TT V6.2.1021 Description: A critical issue affects the Incomplete SOAP Request Handler component, specifically the processing of the file `/control/WANIPConnection`. This can lead to denial of service when exploited. The attack can only be initiated within the local network. The issue is related to incorrect resource cleanup or release. Recommendations: For TP-Link VN020 F3v(T) version TT V6.2.1021, as a temporary workaround, consider restricting access to the `/control/WANIPConnection` file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: TP-Link VN020 F3v(T) TT V6.2.1021 Description: A critical vulnerability has been found in the DHCP DISCOVER Packet Parser component of TP-Link devices. The manipulation of the `hostname` argument leads to a stack-based buffer overflow. This issue can be exploited remotely, and the exploit has been disclosed to the public. The vulnerability poses significant security risks, and users are urged to update their firmware to the latest version to mitigate potential threats. Recommendations: Update the firmware to the latest version available to mitigate risks. As a temporary workaround, consider restricting access to the DHCP DISCOVER Packet Parser component until a patch is available. Ensure your devices are updated and patched immediately to mitigate potential threats.