Swings

**Name of the Vulnerable Software and Affected Versions** NETGEAR R6400v2 versions prior to 1.0.4.118 **Description** The issue is related to a Buffer Overflow in the httpd service of the NETGEAR R6400v2 Wi-Fi router's firmware, which can be exploited by remote unauthenticated attackers to execute arbitrary code. This can be achieved via a crafted URL to the `httpd` service. The exploitation may allow a remote attacker to execute arbitrary code using a specially crafted malicious web page. **Recommendations** For versions prior to 1.0.4.118, update to version 1.0.4.118 or later to resolve the issue. As a temporary workaround, consider restricting access to the `httpd` service until a patch is applied. Avoid using crafted URLs that may trigger the Buffer Overflow vulnerability in the `httpd` service.

**Name of the Vulnerable Software and Affected Versions** FreeBSD versions 11.4 through 11.4-RELEASE before p10 FreeBSD versions 12.2 through 12.2-RELEASE before p7 FreeBSD versions 13.0 through 13.0-RELEASE before p1 **Description** The issue exists due to insufficient input validation in the libradius service of the FreeBSD operating system. This can be exploited by a remote attacker to cause a denial of service. **Recommendations** For versions 11.4 through 11.4-RELEASE before p10, update to a version after p10. For versions 12.2 through 12.2-RELEASE before p7, update to a version after p7. For versions 13.0 through 13.0-RELEASE before p1, update to a version after p1.

**Name of the Vulnerable Software and Affected Versions** Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers (affected versions not specified) **Description** The issue is related to multiple vulnerabilities in the web-based management interface of the affected devices. These vulnerabilities exist due to improper validation of HTTP requests, which could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to remotely execute arbitrary code on the device. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers (affected versions not specified) **Description** The issue is related to errors in processing HTTP requests in the web-based management interface of the affected devices. This could allow a remote attacker to execute arbitrary code on an affected device. The vulnerabilities exist because HTTP requests are not properly validated. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to remotely execute arbitrary code on the device. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: D-Link DSR-250 version 3.14 D-Link DSR-1000N version 2.11B201 Description: The UPnP service in the affected devices contains a command injection issue, which can lead to remote command execution. Recommendations: For D-Link DSR-250 version 3.14, consider disabling the UPnP service until a patch is available. For D-Link DSR-1000N version 2.11B201, consider disabling the UPnP service until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: accel-ppp (affected versions not specified) Description: A variable underflow exists in the radius/packet.c file of accel-ppp when receiving a RADIUS vendor-specific attribute with a length field less than 2. This issue can lead to arbitrary code execution, but only when the attacker controls the RADIUS server. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco RV110W versions not specified Cisco RV130 versions not specified Cisco RV130W versions not specified Cisco RV215W versions not specified **Description** The issue exists due to insufficient validation of user input in the web-based management interface of the affected routers. This could allow a remote attacker to execute arbitrary code or cause the device to restart unexpectedly. The attacker would need valid administrator credentials to exploit the issue. The estimated number of potentially affected devices is not specified. **Recommendations** For Cisco RV110W, update to a version that addresses the issue, if available. For Cisco RV130, update to a version that addresses the issue, if available. For Cisco RV130W, update to a version that addresses the issue, if available. For Cisco RV215W, update to a version that addresses the issue, if available. At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the web-based management interface to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907. **Description** The issue is a command injection vulnerability that could allow remote attackers to execute arbitrary commands if exploited. **Recommendations** For QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907, update to version 4.4.3.1421 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** ACCEL-PPP (affected versions not specified) **Description** A buffer overflow issue occurs when receiving an L2TP control packet with an AVP of type string and no hidden flags, where the length is set to less than 6. This issue is particularly concerning for applications used in open networks or those with untrusted nodes. **Recommendations** Apply the patch from commit 2324bcd5ba12cf28f47357a8f03cd41b7c04c52b to resolve the issue. As a temporary workaround, changes from commit 2324bcd5ba12cf28f47357a8f03cd41b7c04c52b can be applied to older versions.