Q5Ca

**Name of the Vulnerable Software and Affected Versions** MARS (Multi-Application Recovery Service) versions prior to 1.2.1.1686 **Description** An SQL injection issue affects MARS (Multi-Application Recovery Service). Successful exploitation could allow remote attackers to execute unauthorized code or commands. It is estimated that over 3.25 million instances are exposed. The vulnerability allows attackers to potentially execute unauthorized code or commands through SQL injection. The API endpoints and vulnerable parameters are not specified. **Recommendations** Update MARS (Multi-Application Recovery Service) to version 1.2.1.1686 or later.

**Name of the Vulnerable Software and Affected Versions** Alpine Halo9 (affected versions not specified) **Description** This issue allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this issue. The specific flaw exists within the `DecodeUTF7` function, resulting from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this issue to execute code in the context of root. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Xiaomi Pro 13 (affected versions not specified) **Description** This issue allows remote attackers to execute arbitrary code on affected installations of Xiaomi Pro 13 smartphones. User interaction is required to exploit this issue, where the target must visit a malicious page or open a malicious file. The specific flaw exists within the manual-upgrade.html file, where the process does not properly sanitize user-supplied data for the `manualUpgradeInfo` parameter, leading to the injection of an arbitrary script. An attacker can leverage this issue to execute code in the context of the current user. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Microsoft Exchange versions prior to the fixed version **Description** The vulnerability is related to insufficient input validation in the PowerShell component of Microsoft Exchange, allowing remote attackers to execute arbitrary code. This issue is also associated with a form of Privilege Escalation known as TabShell, which enables breaking out of the restricted PowerShell Sandbox after gaining access through OWASSRF. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft SharePoint Server (affected versions not specified) Microsoft SharePoint Server Subscription Edition (affected versions not specified) Microsoft SharePoint Enterprise Server (affected versions not specified) Microsoft SharePoint Foundation (affected versions not specified) **Description** The issue is related to insufficient input validation in Microsoft SharePoint Server and its variants. This can be exploited by a remote attacker using specially crafted data to execute arbitrary code. **Recommendations** For Microsoft SharePoint Server, consider restricting access to sensitive areas of the system until a fix is available. For Microsoft SharePoint Server Subscription Edition, restrict the use of potentially vulnerable modules to minimize the risk of exploitation. For Microsoft SharePoint Enterprise Server, avoid using potentially vulnerable functions until the issue is resolved. For Microsoft SharePoint Foundation, as a temporary workaround, consider disabling any features that may be related to the insufficient input validation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Exchange Server (affected versions not specified) **Description** The issue is related to insufficient access controls in Microsoft Exchange Server, allowing a remote attacker to elevate their privileges. This vulnerability has been exploited in real-world incidents, such as the attack on the UK electoral commission, where data of approximately 40 million people may have been leaked. The vulnerability was also used in the breach of Rackspace, where the Play ransomware gang gained initial access to the company's email environment using a zero-day exploit. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft SharePoint Server (affected versions not specified) **Description** The issue is related to insufficient input validation in Microsoft SharePoint Server, allowing a remote attacker to execute arbitrary code. This can be exploited by an attacker acting remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft SharePoint Foundation, SharePoint Server, and SharePoint Enterprise Server (affected versions not specified) **Description** The issue is related to insufficient input validation in Microsoft SharePoint products, allowing a remote attacker to execute arbitrary code. This can be achieved through the deserialization of untrusted data. The estimated number of potentially affected devices worldwide is not available. There is no information provided about real-world incidents where this issue was exploited. Technical details about exploitation include the potential for remote code execution, but specific API endpoints, vulnerable parameters, or function names are not mentioned. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.