Nicolas Chatelain

**Name of the Vulnerable Software and Affected Versions** Unraid (affected versions not specified) **Description** A path traversal authentication bypass issue exists in Unraid’s authentication request process. This allows remote attackers to bypass authentication on affected systems without needing to authenticate. The flaw is located in the `auth-request.php` file and is due to insufficient validation of a user-supplied path before it is used during authentication. An attacker can exploit this to bypass authentication on the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Unraid (affected versions not specified) **Description** A path traversal flaw exists in the Unraid update request handling mechanism. This issue could allow for remote code execution. The vulnerability is related to the handling of update requests, potentially allowing an attacker to traverse file paths and execute arbitrary code on the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** IceWarp gmaps (affected versions not specified) **Description** The software contains a cross-site scripting issue that can lead to authentication bypass. The issue allows an attacker to bypass authentication mechanisms. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Sonos One versions 1st and 2nd generation **Description** The issue allows partial or full memory access via attacker-controlled hardware that can be attached to the Mini-PCI Express slot on the motherboard, which hosts the WiFi card on the device. **Recommendations** For Sonos One versions 1st and 2nd generation, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Sympa versions prior to 6.2.56 Description: The issue is related to a lack of privilege management mechanism in the Sympa mailing list manager, which can be exploited to gain access to confidential data, compromise data integrity, and cause a denial of service. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited. Recommendations: For versions prior to 6.2.56, update to version 6.2.56 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive data and functionality to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** UCOPIA Wireless Appliance versions prior to 5.1.8 **Description** The issue allows remote authenticated users to gain 'admin' privileges via shell metacharacters in the `less` command. This is related to the restricted shell interface. **Recommendations** For versions prior to 5.1.8, update to version 5.1.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the `less` command until a patch is available.

**Name of the Vulnerable Software and Affected Versions** UCOPIA Wireless Appliance versions prior to 5.1.8 **Description** The issue allows remote attackers to gain root privileges by exploiting a metacharacter in the argument to the chroothole client executable. This is achieved by using a dollar sign ($) metacharacter. **Recommendations** For versions prior to 5.1.8, update to version 5.1.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the chroothole client executable until the update is applied.

**Name of the Vulnerable Software and Affected Versions** SPIP versions 3.1.2 and earlier **Description** The issue allows remote authenticated users to execute arbitrary PHP code. This can be achieved by uploading an HTML file with a crafted `INCLUDE` or `INCLURE` tag and then accessing it with a `valider xml` action. **Recommendations** For SPIP versions 3.1.2 and earlier, consider restricting access to the template composer/compiler until a fix is available. As a temporary workaround, avoid using the `INCLUDE` and `INCLURE` tags in uploaded HTML files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** SPIP versions 3.1.2 and earlier **Description** A directory traversal issue exists, allowing remote attackers to enumerate system files via the `var url` parameter in a "valider xml" action. **Recommendations** For SPIP versions 3.1.2 and earlier, update to a version later than 3.1.2 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** SPIP versions 3.1.2 and earlier **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the `var url` parameter in a "valider xml" action. **Recommendations** For SPIP versions 3.1.2 and earlier, update to a version later than 3.1.2 to resolve the issue.