S. Dietz

**Name of the Vulnerable Software and Affected Versions** versions prior to 2025-41745 **Description** An XSS issue exists in the `pxc portCntr2.php` file. An unauthenticated remote attacker can manipulate an authenticated user into sending a crafted POST request to the device, potentially altering parameters accessible through the web-based management interface (WBM). The vulnerability’s impact is limited to device configuration parameters within the web application’s scope and does not grant access to system-level resources or privileged functions. The session cookie is protected by the httpOnly flag, preventing session hijacking. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** versions prior to the fix for CVE-2025-41752 **Description** An XSS vulnerability exists in the `pxc portSfp.php` file. An unauthenticated remote attacker can exploit this to trick an authenticated user into clicking a malicious link, potentially altering device configuration parameters accessible through the web-based management interface (WBM). The vulnerability does not grant access to system-level resources or privileged functions. The session cookie is protected by the httpOnly flag, preventing session hijacking. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** pxc PortCfg.php (affected versions not specified) **Description** An XSS issue exists in the pxc PortCfg.php file. An unauthenticated remote attacker can potentially trick an authenticated user into clicking a malicious link, allowing the attacker to modify device configuration parameters accessible through the web-based management interface. The vulnerability does not grant access to system-level resources or privileged functions. The session cookie is protected by the httpOnly flag, preventing session hijacking. The attack requires a user to click a link provided by the attacker. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** port util.php (affected versions not specified) **Description** An XSS issue exists in the `port util.php` file. An unauthenticated remote attacker can potentially trick an authenticated user into clicking a malicious link, allowing the attacker to modify device configuration parameters accessible through the web-based management interface (WBM). The session cookie is protected by the httpOnly flag, preventing session hijacking. The issue does not grant access to system-level resources or privileged functions. The attack involves manipulating parameters available via the web interface. The API endpoint involved is not specified. The vulnerable parameter is not specified. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** pxc Dot1xCfg.php (affected versions not specified) **Description** An XSS issue exists in pxc Dot1xCfg.php that allows an unauthenticated remote attacker to potentially manipulate an authenticated user into clicking a malicious link. This could lead to changes in device configuration parameters accessible through the web-based management interface (WBM). The vulnerability does not grant access to system-level resources or privileged functions. The session cookie is protected by the httpOnly flag, preventing session hijacking. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** pxc vlanIntfCfg.php (affected versions not specified) **Description** An XSS issue exists in `pxc vlanIntfCfg.php`. An unauthenticated remote attacker can manipulate an authenticated user into sending a crafted POST request to the device, potentially altering parameters accessible through the web-based management interface (WBM). The vulnerability’s impact is limited to device configuration parameters within the web application’s context and does not grant access to system-level resources or privileged functions. The session cookie is protected by the httpOnly flag, preventing session hijacking. The vulnerable file is `pxc vlanIntfCfg.php` and the attack involves manipulating a POST request. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** pxc portSecCfg.php (affected versions not specified) **Description** An XSS vulnerability exists in the pxc portSecCfg.php file. An unauthenticated remote attacker can exploit this to manipulate an authenticated user into sending a crafted POST request to the device. This allows modification of parameters accessible through the web-based management interface (WBM). The vulnerability’s impact is limited to device configuration parameters within the web application’s context and does not grant access to system-level resources or privileged functions. The session cookie is protected by the httpOnly flag, preventing session hijacking. The vulnerable file is `pxc portSecCfg.php`. The attack involves manipulating a POST request. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Novakon P series version P – V2001.A.C518o2 **Description** A path traversal issue exists in Novakon P series that can expose the root file system "/" and allow modification of all files with root permissions, potentially leading to system compromise. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Novakon P series versions prior to V2001.A.C518o2 **Description** A flaw in privilege management within Novakon P series devices allows attackers to obtain root privileges if a single service is compromised. This impacts industrial environments and poses a significant risk. **Recommendations** Update to version V2001.A.C518o2 or later.

**Name of the Vulnerable Software and Affected Versions** Novakon P series version P – V2001.A.C518o2 **Description** A default or missing password for the root user allows physical attackers to easily access the console. This impacts the Novakon P series devices. **Recommendations** Set a strong password for the root user to prevent unauthorized console access.

**Name of the Vulnerable Software and Affected Versions** Novakon P series version V2001.A.C518o2 **Description** A buffer overflow exists in Novakon P series. Successful exploitation allows attackers to obtain root permission without authentication. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageIO (affected versions not specified) **Description** An issue exists in ImageIO that could allow for arbitrary code execution through maliciously crafted images. This issue was actively exploited. The vulnerability does not provide access to system-level resources or privileged functions, but allows execution of code via images. An estimated number of affected devices is not available. The session cookie is secured by the httpOnly Flag. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Novakon P series versions P – V2001.A.C518o2 **Description** An improper authentication issue exists in Novakon P series devices. This allows unauthenticated attackers to upload and download applications to and from the device. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Riello Netman 204 versions through 4.05 Description: The issue is related to improper neutralization of special elements, resulting in a SQL Injection vulnerability. This vulnerability is limited to the SQLite database of measurement data. Recommendations: For versions through 4.05, patch the system immediately and review logs for signs of compromise. Prioritize patching on all affected systems. As a temporary workaround, consider restricting access to the SQLite database of measurement data until a patch is available.

Name of the Vulnerable Software and Affected Versions: Riello Netman 204 versions through 4.05 Description: The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device. Recommendations: For versions through 4.05, update the software to a version that fixes this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PerkinElmer ProcessPlus versions through 1.11.6507.0 **Description** The issue allows an attacker to spawn a remote shell on the Windows system due to execution with unnecessary privileges in PerkinElmer ProcessPlus. **Recommendations** For versions through 1.11.6507.0, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** PerkinElmer ProcessPlus versions through 1.11.6507.0 **Description** The issue is related to the use of hard-coded MSSQL credentials in PerkinElmer ProcessPlus on Windows, allowing an attacker to login and potentially remove data on all prone installations. **Recommendations** For PerkinElmer ProcessPlus versions through 1.11.6507.0, consider changing the hard-coded MSSQL credentials to secure ones as a temporary workaround, until a patch is available. Restrict access to the MSSQL database to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PerkinElmer ProcessPlus versions through 1.11.6507.0 **Description** The issue is related to a local file inclusion in PerkinElmer ProcessPlus, allowing files on the Windows system to be accessible without authentication to external parties. **Recommendations** For versions through 1.11.6507.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Korenix JetPort 5601v3 versions 1.2 and earlier **Description** The issue is related to the missing encryption of sensitive data, which allows eavesdropping. This can be exploited by a remote attacker to bypass existing security restrictions. **Recommendations** For Korenix JetPort 5601v3 versions 1.2 and earlier, consider implementing encryption for sensitive data transmission to prevent eavesdropping. As a temporary workaround, restrict access to sensitive data until a proper encryption mechanism is in place. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Korenix JetPort 5601v3 versions 1.2 and earlier **Description** The issue is related to improper filtering of special characters, resulting in a command injection vulnerability. This vulnerability may allow a remote attacker to bypass existing security restrictions. **Recommendations** For Korenix JetPort 5601v3 versions 1.2 and earlier, update to a version that addresses the command injection vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.