Tomoomi Iwata

**Name of the Vulnerable Software and Affected Versions** Access analysis CGI An-Analyzer versions prior to 2023 December 31 **Description** The issue allows a remote unauthenticated attacker to redirect users to arbitrary websites and conduct phishing attacks via a specially crafted URL. **Recommendations** For versions prior to 2023 December 31, update to a version released after 2023 December 31 to resolve the issue. As a temporary workaround, consider restricting access to the affected CGI An-Analyzer module to minimize the risk of exploitation. Avoid using specially crafted URLs in the affected Access analysis CGI An-Analyzer until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: RFNTPS firmware versions System 01000004 and earlier RFNTPS firmware versions Web 01000004 and earlier Description: The issue allows an attacker on the same network segment to execute arbitrary OS commands with a root privilege via unspecified vectors. Recommendations: For RFNTPS firmware versions System 01000004 and earlier, update to a version later than System 01000004 to resolve the issue. For RFNTPS firmware versions Web 01000004 and earlier, update to a version later than Web 01000004 to resolve the issue.