Team82

**Name of the Vulnerable Software and Affected Versions** ALGO 8180 IP Audio Alerter (affected versions not specified) **Description** A flaw exists in the web-based user interface of the ALGO 8180 IP Audio Alerter that allows remote attackers to execute arbitrary code. The issue stems from insufficient validation of user-supplied input before it is used in a system call. Authentication is required for exploitation. This allows an attacker to execute code within the device's context. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ALGO 8180 IP Audio Alerter (affected versions not specified) **Description** A flaw exists in the web-based user interface of the ALGO 8180 IP Audio Alerter that allows remote attackers to execute arbitrary code. Authentication is required for exploitation. The issue stems from insufficient validation of user-supplied input before it is used in a system call, enabling an attacker to execute code within the device's context. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** BlueStacks version 5.20 **Description** A lack of SSL certificate validation allows attackers to execute a man-in-the-middle attack and obtain sensitive information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** RUCKUS SmartZone (SZ) versions prior to 6.1.2p3 Refresh Build **Description** RUCKUS SmartZone (SZ) contains a hardcoded SSH private key for a root-equivalent user account. **Recommendations** Update RUCKUS SmartZone (SZ) to version 6.1.2p3 Refresh Build or later.