Nicolas Mattiocco

**Name of the Vulnerable Software and Affected Versions** Geutebruck G-Cam/EFD-2250 version 1.12.0.4 Topline TopFD-2125 version 3.15.1 **Description** A cross-site scripting issue has been identified, which may allow remote code execution. **Recommendations** For Geutebruck G-Cam/EFD-2250 version 1.12.0.4, at the moment, there is no information about a newer version that contains a fix for this issue. For Topline TopFD-2125 version 3.15.1, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Geutebruck G-Cam/EFD-2250 version 1.12.0.4 Topline TopFD-2125 version 3.15.1 **Description** A server-side request forgery issue has been identified, which could lead to proxied network scans. **Recommendations** For Geutebruck G-Cam/EFD-2250 version 1.12.0.4, restrict access to the camera's network functionality until a patch is available. For Topline TopFD-2125 version 3.15.1, consider disabling the camera's ability to perform network requests as a temporary workaround.

**Name of the Vulnerable Software and Affected Versions** Geutebruck G-Cam/EFD-2250 version 1.12.0.4 Topline TopFD-2125 version 3.15.1 **Description** An improper access control issue has been identified, which could allow a full configuration download, including passwords. **Recommendations** For Geutebruck G-Cam/EFD-2250 version 1.12.0.4, update to a newer version that addresses the improper access control issue. For Topline TopFD-2125 version 3.15.1, update to a newer version that addresses the improper access control issue. As a temporary workaround, consider restricting access to the camera's configuration settings until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Geutebruck G-Cam/EFD-2250 version 1.12.0.4 Topline TopFD-2125 version 3.15.1 **Description** A cross-site request forgery issue has been identified, which may allow an unauthorized user to be added to the system. **Recommendations** For Geutebruck G-Cam/EFD-2250 version 1.12.0.4, update to a newer version that contains a fix for this issue. For Topline TopFD-2125 version 3.15.1, update to a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Geutebruck G-Cam/EFD-2250 version 1.12.0.4 Topline TopFD-2125 version 3.15.1 **Description** An SQL injection issue has been identified, which may allow an attacker to alter stored data. **Recommendations** For Geutebruck G-Cam/EFD-2250 version 1.12.0.4, consider restricting access to the SQL database to minimize the risk of exploitation. For Topline TopFD-2125 version 3.15.1, avoid using user-input data in SQL queries until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** HPE Smart Storage Administrator versions prior to 2.60.18.0 **Description** A Remote Arbitrary Code Execution issue was discovered. **Recommendations** For versions prior to 2.60.18.0, update to version 2.60.18.0 or later to resolve the issue.