Maildev · Maildev · CVE-2024-27448
**Name of the Vulnerable Software and Affected Versions**
MailDev versions 2 through 2.1.0
**Description**
The issue allows Remote Code Execution via a crafted Content-ID header for an e-mail attachment, leading to `lib/mailserver.js` writing arbitrary code into the `routes.js` file.
**Recommendations**
For MailDev versions 2 through 2.1.0, consider disabling the `lib/mailserver.js` functionality until a patch is available to prevent exploitation through crafted e-mail attachments.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
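One way to contain attachment writes while no fixed release is known, shown as an added example that is not MailDev's own code. It assumes the on-disk attachment name is derived from the Content-ID header; the function names, the storage directory and the header values are hypothetical and constructed for illustration.

```javascript
// Added example (not MailDev code). Assumption: the attachment's file name
// on disk is built from the sender-controlled Content-ID header.
const path = require('node:path');
const crypto = require('node:crypto');

// Naive form: the header value is joined straight onto the storage directory,
// so the sender decides where the file lands.
function naiveAttachmentPath(attachmentDir, contentId) {
  return path.join(attachmentDir, contentId);
}

// Check usable in tests or log review: true when a header value, treated as a
// path, resolves to anything other than a file inside attachmentDir.
function escapesDirectory(attachmentDir, contentId) {
  const base = path.resolve(attachmentDir);
  return !path.resolve(base, contentId).startsWith(base + path.sep);
}

// Hardened form: the header never becomes a path. The file name is an opaque
// SHA-256 digest of the header, and the resolved target is verified anyway.
function safeAttachmentPath(attachmentDir, contentId) {
  // 998 is the RFC 5322 line-length limit; longer values are malformed.
  if (typeof contentId !== 'string' || contentId.length === 0 || contentId.length > 998) {
    throw new Error('invalid Content-ID');
  }
  const name = crypto.createHash('sha256').update(contentId).digest('hex');
  const base = path.resolve(attachmentDir);
  const target = path.resolve(base, name);
  if (!target.startsWith(base + path.sep)) {
    throw new Error('attachment path escapes storage directory');
  }
  return target;
}

// Constructed sample values, not taken from any real message.
const exampleDir = '/tmp/maildev-example/attachments';
for (const cid of ['image001@example.test', '../../outside.js']) {
  console.log(JSON.stringify(cid), {
    escapes: escapesDirectory(exampleDir, cid),
    naive: naiveAttachmentPath(exampleDir, cid),
    safe: safeAttachmentPath(exampleDir, cid),
  });
}
```

Running the mail catcher as an unprivileged user whose account cannot write to the application's source files limits the impact of any write that still escapes.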