Noam Moshe

**Name of the Vulnerable Software and Affected Versions** Trane Tracer SC Trane Tracer SC+ Trane Tracer Concierge **Description** A Memory Allocation with Excessive Size Value issue exists in Trane Tracer SC, Tracer SC+, and Tracer Concierge. This could allow an unauthenticated attacker to cause a denial-of-service condition. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Trane Tracer SC Trane Tracer SC+ Trane Tracer Concierge **Description** A missing authorization flaw exists in Trane Tracer SC, Tracer SC+, and Tracer Concierge. This issue could allow an unauthenticated attacker to gain access to sensitive information through unprotected APIs. The affected API endpoints lack proper authorization checks, potentially exposing data to unauthorized access. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Trane Tracer SC Trane Tracer SC+ Trane Tracer Concierge **Description** A flaw exists due to the use of hard-coded credentials in Trane Tracer SC, Tracer SC+, and Tracer Concierge. This could allow an attacker to disclose sensitive information and gain control of accounts. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Trane Tracer SC Trane Tracer SC+ Trane Tracer Concierge **Description** A Use of a Broken or Risky Cryptographic Algorithm issue exists in Trane Tracer SC, Tracer SC+, and Tracer Concierge. This could allow an attacker to bypass authentication and gain root-level access to the device. The issue impacts building automation networks, potentially providing a direct path to root access. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Trane Tracer SC Trane Tracer SC+ Trane Tracer Concierge **Description** A Use of Hard-coded, Security-relevant Constants issue exists in Trane Tracer SC, Tracer SC+, and Tracer Concierge. This could allow an attacker to disclose sensitive information and take over accounts. The issue involves the use of hard-coded, security-relevant constants. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** XWEB Pro versions prior to 1.12.1 **Description** An OS command injection issue exists that allows a logged-in attacker to execute code remotely on the system. This is achieved by submitting crafted input to the restore route. The `restore` route is susceptible to command injection due to improper input validation. The vulnerable parameter is not specified. **Recommendations** Update XWEB Pro to a version later than 1.12.1.

**Name of the Vulnerable Software and Affected Versions** XWEB Pro versions 1.12.1 and earlier **Description** An operating system command injection issue exists in XWEB Pro. A successful exploit allows an authenticated attacker to execute code remotely on the system by providing a manipulated firmware update file through the firmware update path. The vulnerable component is the firmware update route. The vulnerable parameter is the firmware update file. **Recommendations** Versions prior to 1.12.1 should be updated.

**Name of the Vulnerable Software and Affected Versions** XWEB Pro versions prior to 1.12.1 **Description** An OS command injection issue exists, allowing an authenticated attacker to execute code remotely. This is achieved by providing malicious input through the device hostname configuration during system setup. The system processes this input, leading to remote code execution. **Recommendations** Update to a version later than 1.12.1.

**Name of the Vulnerable Software and Affected Versions** XWEB Pro versions prior to 1.12.1 **Description** A flaw exists that allows a logged-in attacker to execute code on the system. This is possible by submitting crafted input into the username field of the import preconfiguration action via the API V1 route. The affected API endpoint is '/api/V1'. The vulnerable parameter is `username`. **Recommendations** Update to a version newer than 1.12.1.

**Name of the Vulnerable Software and Affected Versions** Copeland XWEB Pro versions prior to 1.12.1 **Description** A flaw exists that allows an authentication bypass due to improper handling of return values from the authentication routine. The software processes an unexpected return value as legitimate, bypassing authentication controls. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** XWEB Pro versions prior to 1.12.1 **Description** An unauthenticated attacker can execute commands on the system remotely. This is possible by sending a specially crafted request to the libraries installation route and injecting malicious input into the request body. The application improperly processes requests, allowing for remote code execution (RCE). **Recommendations** Versions prior to 1.12.1 should be updated.

**Name of the Vulnerable Software and Affected Versions** XWEB Pro versions prior to 1.12.1 **Description** An operating system command injection issue exists that allows an authenticated attacker to execute code remotely. This is achieved by injecting malicious input into the map filename field during the map upload action of the parameters route. **Recommendations** Update to a version of XWEB Pro later than 1.12.1.

**Name of the Vulnerable Software and Affected Versions** XWEB Pro versions prior to 1.12.1 **Description** An operating system command injection issue exists, allowing an authenticated attacker to execute code remotely. This is achieved by submitting crafted input to the firmware update route. The issue affects systems running the vulnerable software. **Recommendations** Update to a version newer than 1.12.1.

**Name of the Vulnerable Software and Affected Versions** XWEB Pro versions prior to 1.12.1 **Description** A flaw exists that allows a logged-in attacker to execute code remotely on a system. This is achieved by injecting malicious input into requests sent to the `/templates` route. The issue is an OS command injection. **Recommendations** Update to a version newer than 1.12.1.

**Name of the Vulnerable Software and Affected Versions** XWEB Pro versions prior to 1.12.1 **Description** An operating system command injection issue exists in XWEB Pro, allowing an authenticated attacker to execute code remotely on the system. This is achieved by providing a manipulated template file to the `/devices` route. The `template file` is the source of the injection. **Recommendations** Update to a version later than 1.12.1.

**Name of the Vulnerable Software and Affected Versions** XWEB Pro versions prior to 1.12.1 **Description** A flaw exists that allows a logged-in attacker to execute code remotely on a system. This is possible by injecting malicious input into the `devices` field when accessing the `/get setup` API endpoint. This results in remote code execution. **Recommendations** Update to a version newer than 1.12.1.

**Name of the Vulnerable Software and Affected Versions** XWEB Pro versions 1.12.1 and earlier **Description** A flaw exists that allows a logged-in attacker to execute code remotely on a system. This is possible by injecting malicious input into the `devices` field within the firmware update apply action. The issue is an OS command injection. **Recommendations** Update XWEB Pro to a version later than 1.12.1.

**Name of the Vulnerable Software and Affected Versions** XWEB Pro versions prior to 1.12.1 **Description** A stack-based buffer overflow exists in an API route of XWEB Pro. This allows unauthenticated attackers to cause stack corruption and program termination. The vulnerable API route is not specified. **Recommendations** Update XWEB Pro to version 1.12.1 or later.

**Name of the Vulnerable Software and Affected Versions** XWEB Pro versions 1.12.1 and earlier **Description** A flaw exists that allows a logged-in attacker to execute code on a system remotely. This is achieved by injecting malicious input into the `devices` field within the firmware update action. The injection leads to remote code execution. **Recommendations** Update XWEB Pro to a version newer than 1.12.1.

**Name of the Vulnerable Software and Affected Versions** XWEB Pro versions prior to 1.12.1 **Description** A flaw exists that allows a logged-in attacker to execute code remotely on a system. This is achieved by injecting harmful input into OpenSSL argument fields within requests sent to the utility route. The vulnerability leads to remote code execution. **Recommendations** Update to a version later than 1.12.1.