Ryu Kuki

**Name of the Vulnerable Software and Affected Versions** NETGEAR (affected versions not specified) **Description** Certain end-of-service NETGEAR products feature a “TelnetEnable” functionality. This functionality permits a magic packet to activate the telnet service on the device, potentially leading to unauthorized access. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: PLANEX COMMUNICATIONS network cameras (affected versions not specified) Description: A cross-site scripting issue exists in the web management page of the network cameras. If a logged-in user accesses a specific file, an arbitrary script may be executed on the user's web browser. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FUJIFILM printers (affected versions not specified) **Description** A cross-site request forgery issue allows a remote unauthenticated attacker to alter user information. If the targeted user is an administrator, settings such as the administrator's ID, password, etc., may be altered. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FXC AE1021 firmware version 2.0.9 and earlier FXC AE1021PE firmware version 2.0.9 and earlier **Description** An OS command injection vulnerability exists, allowing an attacker who can log in to the product to execute arbitrary OS commands. The vulnerability is related to the lack of measures to neutralize special elements used in the OS command. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary commands. New botnet malware has been found to exploit this flaw in routers. **Recommendations** For FXC AE1021 firmware version 2.0.9 and earlier, update to a version later than 2.0.9 to resolve the issue. For FXC AE1021PE firmware version 2.0.9 and earlier, update to a version later than 2.0.9 to resolve the issue. As a temporary workaround, consider restricting access to the product to minimize the risk of exploitation.