Neodyme

**Name of the Vulnerable Software and Affected Versions** Color imageCLASS MF656Cdw versions 05.04 and earlier Color imageCLASS MF654Cdw versions 05.04 and earlier Color imageCLASS MF653Cdw versions 05.04 and earlier Color imageCLASS MF652Cdw versions 05.04 and earlier Color imageCLASS LBP633Cdw versions 05.04 and earlier Color imageCLASS LBP632Cdw versions 05.04 and earlier i-SENSYS MF657Cdw versions 05.04 and earlier i-SENSYS MF655Cdw versions 05.04 and earlier i-SENSYS MF651Cdw versions 05.04 and earlier i-SENSYS LBP633Cdw versions 05.04 and earlier i-SENSYS LBP631Cdw versions 05.04 and earlier Satera MF656Cdw versions 05.04 and earlier Satera MF654Cdw versions 05.04 and earlier **Description** The issue is related to a buffer overflow in TIFF data EXIF tag processing of Small Office Multifunction Printers and Laser Printers, which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. **Recommendations** Color imageCLASS MF656Cdw version 05.04 and earlier: Update firmware to a version later than 05.04. Color imageCLASS MF654Cdw version 05.04 and earlier: Update firmware to a version later than 05.04. Color imageCLASS MF653Cdw version 05.04 and earlier: Update firmware to a version later than 05.04. Color imageCLASS MF652Cdw version 05.04 and earlier: Update firmware to a version later than 05.04. Color imageCLASS LBP633Cdw version 05.04 and earlier: Update firmware to a version later than 05.04. Color imageCLASS LBP632Cdw version 05.04 and earlier: Update firmware to a version later than 05.04. i-SENSYS MF657Cdw version 05.04 and earlier: Update firmware to a version later than 05.04. i-SENSYS MF655Cdw version 05.04 and earlier: Update firmware to a version later than 05.04. i-SENSYS MF651Cdw version 05.04 and earlier: Update firmware to a version later than 05.04. i-SENSYS LBP633Cdw version 05.04 and earlier: Update firmware to a version later than 05.04. i-SENSYS LBP631Cdw version 05.04 and earlier: Update firmware to a version later than 05.04. Satera MF656Cdw version 05.04 and earlier: Update firmware to a version later than 05.04. Satera MF654Cdw version 05.04 and earlier: Update firmware to a version later than 05.04.

**Name of the Vulnerable Software and Affected Versions** NETGEAR RAX30 (affected versions not specified) **Description** This issue allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. The specific flaw exists within the `fing dil` service, resulting from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.