Pedro Sousa Rodrigues

**Name of the Vulnerable Software and Affected Versions** upsMonitor in ViewPower (aka ViewPowerHTML) versions 1.04-21012 through 1.04-21353 **Description** The issue is related to insecure permissions for the service binary, allowing an authenticated user to modify files and enabling privilege escalation. **Recommendations** For versions 1.04-21012 through 1.04-21353, consider restricting access to the service binary to prevent modification by authenticated users until a patch is available. As a temporary workaround, limit the privileges of the authenticated users to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Core FTP Server version 1.2 Build 583 Description: A buffer overflow issue exists due to a crafted `username`. Recommendations: For Core FTP Server version 1.2 Build 583, update to a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Anviz access control devices (affected versions not specified) **Description** The issue allows remote attackers to query private information, including pin codes and names, without credentials via port tcp/5010. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Anviz Management System (affected versions not specified) **Description** The issue concerns insufficient logging for device events, such as door open requests, in the Anviz Management System for access control. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Anviz CrossChex access control management software versions 4.3.8.0 through 4.3.12 **Description** The issue is related to a buffer overflow vulnerability. It is caused by copying a buffer without checking the size of the input data. Exploitation of this issue may allow a remote attacker to execute arbitrary code in the target system by sending specially crafted network packets. **Recommendations** For versions 4.3.8.0 through 4.3.12, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Anviz access control devices (affected versions not specified) **Description** The issue concerns replay attacks that could allow attackers to intercept and replay open door requests. This could potentially compromise the security of the access control devices. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Anviz access control devices (affected versions not specified) **Description** The issue allows remote attackers to query credential information, including names and passwords, without credentials via port tcp/5010. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** BIBLIOsoft BIBLIOpac version 2008 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the `db` or `action` parameter to the "/bin/wxis.exe/bibliopac/" API endpoint. **Recommendations** For BIBLIOsoft BIBLIOpac version 2008, as a temporary workaround, consider restricting access to the `/bin/wxis.exe/bibliopac/` endpoint to minimize the risk of exploitation. Avoid using the `db` and `action` parameters in this endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** RISI Gestao de Horarios version 3201.09.08 rev.23 **Description** The issue allows SQL Injection, which can potentially be exploited to extract or modify sensitive data. **Recommendations** For version 3201.09.08 rev.23, update to a newer version that contains a fix for this issue, if available. At the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: Reprise License Manager version 11.0 Description: A Path Traversal issue allows an attacker to access files on the server's file system by modifying a field in the web request. Specifically, by specifying a pathname in the `lf` parameter to the "goform/edit lf get data" URI, an attacker can retrieve the content of a file. Recommendations: For Reprise License Manager version 11.0, consider restricting access to the "goform/edit lf get data" URI to minimize the risk of exploitation. Avoid using the `lf` parameter in this URI until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.