Pierre Kim

**Name of the Vulnerable Software and Affected Versions** No specific product names, model numbers, or versions are mentioned in the provided descriptions. **Description** The issue concerns the web interface of affected devices, which is designed to hide LDAP credentials from administrative users. However, when LDAP authentication is configured to "SIMPLE", the device communicates with the LDAP server in clear-text, allowing the LDAP password to be retrieved from this communication. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific product names, model numbers, or versions are mentioned in the provided descriptions. **Description** There are several hidden accounts, some of which are intended for maintenance engineers. With knowledge of their passwords, these accounts can be used to re-configure the device. The passwords can be obtained by examining the coredump. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Sharp Corporation products (affected versions not specified) **Description** The issue allows admin authentication to be bypassed using specific invalid credentials, granting administrative privileges. The telnet feature, which is implemented on older models, is planned to be removed via a firmware update. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** The issue is related to improper processing of some parameters of `installed emanual list.html`, which leads to a path traversal vulnerability. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GNU Inetutils versions through 2.3 MIT krb5-appl versions through 1.0.3 **Description** The issue is related to a NULL pointer dereference in the telnetd application, which can occur via specific byte sequences, such as 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash, but the telnet service would remain available through inetd. However, if the telnetd application experiences many crashes within a short time interval, the telnet service would become unavailable after inetd logs a "telnet/tcp server failing (looping), service terminated" error. **Recommendations** For GNU Inetutils versions through 2.3, consider disabling the telnetd application until a patch is available to prevent potential denial-of-service attacks. For MIT krb5-appl versions through 1.0.3, restrict access to the telnet service to minimize the risk of exploitation, as the affected code was removed from the supported MIT Kerberos 5 product many years ago. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Dell OpenManage Enterprise versions 3.4 through 3.6.1 Dell OpenManage Enterprise Modular versions 1.20.00 through 1.30.00 **Description** The issue is a remote code execution vulnerability. A malicious attacker with access to the immediate subnet may potentially exploit this vulnerability, leading to information disclosure and a possible elevation of privileges. **Recommendations** For Dell OpenManage Enterprise versions 3.4 through 3.6.1, update to a version outside of this range to mitigate the risk. For Dell OpenManage Enterprise Modular versions 1.20.00 through 1.30.00, update to a version outside of this range to mitigate the risk. As a temporary workaround, consider restricting access to the subnet to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Yealink Device Management version 3.6.0.20 **Description** The issue is related to a lack of input data sanitization in the Yealink Device Management platform, allowing a remote attacker to execute arbitrary commands as the root user. Specifically, the "/sm/api/v1/firewall/zone/services" API endpoint is vulnerable to command injection without requiring authentication. **Recommendations** For Yealink Device Management version 3.6.0.20, consider disabling access to the "/sm/api/v1/firewall/zone/services" API endpoint until a patch is available. Additionally, restrict the use of the `firewall/zone/services` module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: FiberHome HG6245D versions through RP2613 Description: An issue was discovered in the web daemon of FiberHome HG6245D devices, where hardcoded credentials for an ISP are present. The credentials are `f~i!b@e#r$h%o^m*esuperadmin / s(f)u h+g|u`. Recommendations: For FiberHome HG6245D versions through RP2613, consider changing the hardcoded credentials to secure ones as a temporary workaround, until a patch is available. Restrict access to the web daemon to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: FiberHome HG6245D versions through RP2613 Description: An issue was discovered where the web daemon contains hardcoded admin and lnadmin credentials for an ISP. Recommendations: For FiberHome HG6245D versions through RP2613, consider changing the default admin and lnadmin credentials to custom, secure credentials as a temporary workaround. Restrict access to the web daemon to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: FiberHome HG6245D versions through RP2613 Description: An issue was discovered where the web daemon on the affected devices contains credentials for an ISP that are equal to the last part of the MAC address of the br0 interface. Recommendations: For FiberHome HG6245D versions through RP2613, consider changing the default credentials to prevent unauthorized access, and restrict access to the web daemon until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: FiberHome HG6245D devices through RP2613 Description: An issue was discovered where credentials in /fhconf/umconfig.txt are obfuscated via XOR with a hardcoded key. The `webs` binary contains details on how XOR is used for obfuscation. Recommendations: For FiberHome HG6245D devices through RP2613, consider restricting access to the `/fhconf/umconfig.txt` file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: FiberHome HG6245D versions through RP2613 Description: An issue was discovered where passwords and authentication cookies are stored in cleartext in the `web.log` HTTP logs. This allows for the potential retrieval of sensitive information. Recommendations: For FiberHome HG6245D versions through RP2613, consider restricting access to the `web.log` file to minimize the risk of exploitation. As a temporary workaround, disable the storage of sensitive information in the HTTP logs until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: FiberHome HG6245D devices through RP2613 Description: An issue was discovered where the web management of the devices is done over HTTPS, using a hardcoded private key that has 0777 permissions. Recommendations: For FiberHome HG6245D devices through RP2613, consider restricting access to the web management interface until a fix is available. As a temporary workaround, restrict the permissions of the hardcoded private key to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: FiberHome HG6245D versions through RP2613 Description: An issue was discovered where the web daemon contains hardcoded `user` / `user1234` credentials for an ISP. Recommendations: For FiberHome HG6245D versions through RP2613, consider changing the hardcoded credentials as a temporary workaround, and apply a patch if available to remove the hardcoded `user` / `user1234` credentials.

Name of the Vulnerable Software and Affected Versions: FiberHome HG6245D versions through RP2613 Description: An issue was discovered where the web daemon contains hardcoded `trueadmin` / `admintrue` credentials for an ISP. This affects FiberHome HG6245D devices. Recommendations: For FiberHome HG6245D versions through RP2613, consider changing the hardcoded `trueadmin` / `admintrue` credentials to secure ones to prevent unauthorized access. As a temporary workaround, restrict access to the web daemon until a patch is available.

Name of the Vulnerable Software and Affected Versions: FiberHome HG6245D versions through RP2613 Description: An issue was discovered in the web daemon of the affected devices, where hardcoded admin credentials are present, specifically the username 'admin' and password 'G0R2U1P2ag', which are used by an ISP. Recommendations: For FiberHome HG6245D versions through RP2613, consider changing the hardcoded admin credentials to secure ones as a temporary workaround, and await further guidance from the manufacturer for a permanent fix.

Name of the Vulnerable Software and Affected Versions: FiberHome HG6245D versions through RP2613 Description: An issue was discovered in the web daemon of the affected devices, where hardcoded credentials `gestiontelebucaramanga / t3l3buc4r4m4ng42013` are used for an ISP. Recommendations: For FiberHome HG6245D versions through RP2613, consider changing the hardcoded credentials to secure ones to prevent unauthorized access. As a temporary workaround, restrict access to the web daemon until a patch is available.

Name of the Vulnerable Software and Affected Versions: FiberHome HG6245D devices through RP2613 Description: An issue was discovered where the web daemon contains hardcoded `adminpldt` / `z6dUABtl270qRxt7a2uGTiw` credentials for an ISP. Recommendations: For FiberHome HG6245D devices through RP2613, consider changing the hardcoded admin credentials to unique and secure ones to prevent unauthorized access. As a temporary workaround, restrict access to the web daemon until a more permanent solution is available.

Name of the Vulnerable Software and Affected Versions: FiberHome HG6245D versions through RP2613 Description: An issue was discovered where the web daemon contains hardcoded admin and CUadmin credentials for an ISP. Recommendations: For FiberHome HG6245D versions through RP2613, consider changing the default admin and CUadmin credentials to custom, secure credentials as a temporary workaround. Restrict access to the web daemon to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: FiberHome HG6245D versions through RP2613 Description: An issue was discovered where the web daemon on the affected devices contains hardcoded `rootmet` / `m3tr0r00t` credentials for an ISP. Recommendations: For FiberHome HG6245D versions through RP2613, consider changing the hardcoded `rootmet` / `m3tr0r00t` credentials to secure ones to prevent unauthorized access.