Shlomo Ben Yosef

#12283of 53,633
22.2Total CVSS
Vulnerabilities · 3
Medium
2
High
1
PT-2022-3575
10
2022-05-02
Unknown · Svi Ms Management System · CVE-2020-23621
**Name of the Vulnerable Software and Affected Versions** SVI MS Management System versions all **Description** The issue is related to insecure deserialization of user-supplied content in the Java Remote Management Interface, allowing attackers to execute arbitrary code via a crafted serialized Java object. This can be exploited by a remote attacker. **Recommendations** For all versions, consider disabling the Java Remote Management Interface until a patch is available to prevent exploitation. Restrict access to the interface to minimize the risk of arbitrary code execution. Avoid using user-supplied content in the interface until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-8687
6.1
2022-05-02
Totolink · Totolink N200Re · CVE-2020-23617
**Name of the Vulnerable Software and Affected Versions** Totolink N200RE and N100RE Routers version 2.0 **Description** A cross site scripting (XSS) vulnerability in the error page of the routers allows attackers to execute arbitrary web scripts or HTML via SCRIPT element. **Recommendations** For Totolink N200RE and N100RE Routers version 2.0, consider disabling the error page or restricting access to it until a patch is available. Avoid using the SCRIPT element in the error page to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-8688
6.1
2022-05-02
Unknown · Xtend Voice Logger · CVE-2020-23618
**Name of the Vulnerable Software and Affected Versions** Xtend Voice Logger version 1.0 **Description** A reflected cross site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML, via the path of the error page. This could potentially lead to unauthorized actions on the affected system. **Recommendations** For Xtend Voice Logger version 1.0, consider disabling the error page or restricting access to it until a patch is available. As a temporary workaround, avoid using the error page functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.