Pipapupa

Name of the Vulnerable Software and Affected Versions: Mechrevo Control Center GX V2 version 5.56.51.48 Description: A vulnerability exists in Mechrevo Control Center GX V2 due to an uncontrolled search path within the reg File Handler component. The issue can be exploited on a local host, with a high attack complexity and difficult exploitation. The exploit has been publicly disclosed. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Mechrevo Control Center GX V2 version 5.56.51.48 Description: A vulnerability was identified that leads to an uncontrolled search path within the Powershell Script Handler component. The vulnerability affects the file C:Program FilesOEM机械革命控制中心AiStoneServiceMyControlCenterCommand. Local access is required for exploitation, and the attack complexity is considered high. The exploit has been publicly disclosed. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Eluktronics Control Center version 5.23.51.41 **Description** A critical issue exists in Eluktronics Control Center, potentially allowing for command injection. The issue affects an unknown function within the `AiStoneServiceMyControlCenterCommand` file of the Powershell Script Handler component. Local access is required for exploitation. The details of this issue have been publicly disclosed, and the vendor was notified but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Eluktronics Control Center version 5.23.51.41 **Description** A problematic issue exists within the REG File Handler component of the software due to insufficient verification of data authenticity. This can be exploited on the local host. The exploit has been publicly disclosed, and the vendor was informed but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.