Raphaël Huon

**Name of the Vulnerable Software and Affected Versions** Aginode GigaSwitch version v5 **Description** The issue allows attackers to access sensitive information via the use of the SCP command due to insecure permissions. **Recommendations** For Aginode GigaSwitch version v5, consider restricting access to the SCP command as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Aginode GigaSwitch V5 versions prior to 7.06G **Description** The issue allows authenticated attackers with Administrator privileges to upload an earlier firmware version, exposing the device to previously patched vulnerabilities. This can be done by exploiting insecure permissions in the device. **Recommendations** For Aginode GigaSwitch V5 versions prior to 7.06G, update to version 7.06G or later to resolve the issue. As a temporary workaround, consider restricting access to firmware upload functionality to minimize the risk of exploitation. Restrict access to the SCP command to prevent attackers from accessing sensitive information.