Secuid0

**Name of the Vulnerable Software and Affected Versions** Netsweeper versions prior to 3.1.10 Netsweeper versions 4.0.x prior to 4.0.9 Netsweeper versions 4.1.x prior to 4.1.2 **Description** The issue allows remote attackers to bypass authentication and remove IP addresses from the quarantine. This is achieved via the `ip` parameter to the "webadmin/user/quarantine disable.php" endpoint. **Recommendations** For versions prior to 3.1.10, update to version 3.1.10 or later. For versions 4.0.x prior to 4.0.9, update to version 4.0.9 or later. For versions 4.1.x prior to 4.1.2, update to version 4.1.2 or later.

**Name of the Vulnerable Software and Affected Versions** Netsweeper versions prior to 4.0.5 **Description** The issue allows remote attackers to bypass authentication and create arbitrary accounts and policies via a request to "webadmin/nslam/index.php". **Recommendations** For versions prior to 4.0.5, update to version 4.0.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Netsweeper versions prior to 3.1.10 Netsweeper versions 4.0.x prior to 4.0.9 Netsweeper versions 4.1.x prior to 4.1.2 **Description** The issue allows remote attackers to bypass authentication and create arbitrary profiles via a `showdeny` action to the default URL. **Recommendations** For versions prior to 3.1.10, update to version 3.1.10 or later. For versions 4.0.x prior to 4.0.9, update to version 4.0.9 or later. For versions 4.1.x prior to 4.1.2, update to version 4.1.2 or later.

**Name of the Vulnerable Software and Affected Versions** Netsweeper versions prior to 3.1.10 Netsweeper versions 4.0.x prior to 4.0.9 Netsweeper versions 4.1.x prior to 4.1.2 **Description** The issue allows remote authenticated users with admin privileges on the Cloud Manager web console to execute arbitrary PHP code. This can be achieved by uploading a file with a double extension to webadmin/ajaxfilemanager/ajaxfilemanager.php, and then accessing it via a direct request to the file in webadmin/deny/images/. For example, a file named secuid0.php.gif can be used for this purpose. **Recommendations** For versions prior to 3.1.10, update to version 3.1.10 or later. For versions 4.0.x prior to 4.0.9, update to version 4.0.9 or later. For versions 4.1.x prior to 4.1.2, update to version 4.1.2 or later.

**Name of the Vulnerable Software and Affected Versions** Netsweeper versions prior to 3.1.10 Netsweeper versions 4.0.x prior to 4.0.9 Netsweeper versions 4.1.x prior to 4.1.2 **Description** The issue allows remote attackers to bypass authentication and perform certain actions on the server, such as creating a system backup tarball, restarting the server, or stopping the filters. This can be achieved by including a ' (single quote) character in the `login` and `password` parameters to the "webupgrade/webupgrade.php" endpoint. **Recommendations** For Netsweeper versions prior to 3.1.10, update to version 3.1.10 or later. For Netsweeper versions 4.0.x prior to 4.0.9, update to version 4.0.9 or later. For Netsweeper versions 4.1.x prior to 4.1.2, update to version 4.1.2 or later. As a temporary workaround, consider restricting access to the "webupgrade/webupgrade.php" endpoint until a patch is available. Avoid using the `login` and `password` parameters with unvalidated input in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Ericsson Drutt Mobile Service Delivery Platform (MSDP) versions 4 through 6 **Description** The issue allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the default URI, which is a directory traversal vulnerability in the Instance Monitor. **Recommendations** For versions 4 through 6, consider restricting access to the Instance Monitor until a fix is available. As a temporary workaround, avoid using the ..%2f sequence in the default URI to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Subex ROC Fraud Management versions 7.4 and earlier **Description** The issue allows remote attackers to execute arbitrary SQL commands via the `ranger user[name]` parameter in the login page, specifically the "login/login" endpoint. **Recommendations** For Subex ROC Fraud Management versions 7.4 and earlier, update to a version later than 7.4 to resolve the issue. As a temporary workaround, consider restricting access to the "login/login" endpoint to minimize the risk of exploitation. Avoid using the `ranger user[name]` parameter in the affected login page until the issue is resolved.