Saif Aziz

Name of the Vulnerable Software and Affected Versions: ZTE routers (affected versions not specified) Description: The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in the `check data integrity` function. This function is responsible for validating the checksum of data in post requests. The checksum is sent encrypted in the request, and the function decrypts it and stores the checksum on the stack without validating it. An unauthenticated attacker can gain remote code execution (RCE) as root by exploiting this vulnerability. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: ZTE routers (affected versions not specified) Description: The HTTPD binary in multiple ZTE routers has a local file inclusion vulnerability in the `session init` function. This function executes session -LUA- files stored in the `/var/lua session` directory using the `dofile` function without validation. An attacker who can write a malicious file in the sessions directory can achieve remote code execution as root. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** VMware SD-WAN Edge (affected versions not specified) **Description** The issue is related to a missing authentication and protection mechanism in the VMware SD-WAN Edge appliance. A malicious actor with physical access to the appliance during activation can potentially exploit this to access the BIOS configuration. Additionally, the malicious actor may be able to exploit the default boot priority configured. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** VMware SD-WAN Edge (affected versions not specified) **Description** The issue is related to an unauthenticated command injection vulnerability in the VMware SD-WAN Edge, potentially leading to remote code execution. A malicious actor with local access to the Edge Router UI during activation may be able to perform a command injection attack, which could lead to full control of the router. The vulnerability is associated with the failure to neutralize special elements used in the OS command. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Huawei datacom product (affected versions not specified) **Description** An improper access control issue exists, allowing attackers to exploit it and obtain partial device information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Huawei data communication product (affected versions not specified) **Description** The issue is related to a command injection vulnerability. Successful exploitation of this vulnerability may allow attackers to gain higher privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PAX A930 device with PayDroid version 7.1.1 Virgo V04.5.02 20220722 **Description** The issue allows the execution of arbitrary commands by using the exec service and including a specific word in the command to be executed. The attacker must have physical USB access to the device in order to exploit this. **Recommendations** For PAX A930 device with PayDroid version 7.1.1 Virgo V04.5.02 20220722, consider restricting physical USB access to the device to minimize the risk of exploitation. As a temporary workaround, consider disabling the exec service until a patch is available.

**Name of the Vulnerable Software and Affected Versions** PAX Technology A930 PayDroid version 7.1.1 Virgo V04.5.02 20220722 **Description** The issue allows attackers to compile a malicious shared library and use LD PRELOAD to bypass authorization checks. This can be achieved by utilizing the `LD PRELOAD` environment variable to load a malicious shared library, which can then be used to bypass authorization checks. **Recommendations** For PAX Technology A930 PayDroid version 7.1.1 Virgo V04.5.02 20220722, consider restricting the use of the `LD PRELOAD` environment variable to minimize the risk of exploitation. Additionally, monitor for any suspicious library loading activity to detect potential attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.