Travis Lee

**Name of the Vulnerable Software and Affected Versions** AVer Information EH6108H+ version X9.03.24.00.07l **Description** The issue concerns the /setup URI, which allows remote attackers to bypass intended page-access restrictions or modify passwords by leveraging knowledge of a `handle` parameter value. **Recommendations** For AVer Information EH6108H+ version X9.03.24.00.07l, as a temporary workaround, consider restricting access to the /setup URI until a patch is available. Avoid using the `handle` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** AVer Information EH6108H+ devices with firmware X9.03.24.00.07l **Description** The issue allows remote attackers to obtain root access by leveraging knowledge of hardcoded account credentials and establishing a TELNET session. **Recommendations** For AVer Information EH6108H+ devices with firmware X9.03.24.00.07l, consider disabling TELNET access as a temporary workaround until a patch is available. Restrict access to the device to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** AVer Information EH6108H+ devices with firmware X9.03.24.00.07l **Description** The issue allows context-dependent attacks to obtain sensitive information by reading cleartext strings. The devices store passwords in a cleartext base64 format and require cleartext credentials in HTTP Cookie headers. **Recommendations** For AVer Information EH6108H+ devices with firmware X9.03.24.00.07l, consider disabling the use of cleartext credentials in HTTP Cookie headers as a temporary workaround until a patch is available. Restrict access to sensitive information to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Agile FleetCommander versions prior to 4.08 Agile FleetCommander Kiosk versions prior to 4.08 **Description** The issue allows remote attackers to execute arbitrary code by uploading a file via an unspecified page, due to multiple unrestricted file upload vulnerabilities. **Recommendations** For Agile FleetCommander versions prior to 4.08, update to version 4.08 or later. For Agile FleetCommander Kiosk versions prior to 4.08, update to version 4.08 or later.

**Name of the Vulnerable Software and Affected Versions** Agile FleetCommander versions prior to 4.08 Agile FleetCommander Kiosk versions prior to 4.08 **Description** The issue allows remote attackers to execute arbitrary commands, related to a command injection problem. **Recommendations** For Agile FleetCommander versions prior to 4.08, update to version 4.08 or later. For Agile FleetCommander Kiosk versions prior to 4.08, update to version 4.08 or later.

**Name of the Vulnerable Software and Affected Versions** Agile FleetCommander versions prior to 4.08 Agile FleetCommander Kiosk versions prior to 4.08 **Description** The issue allows remote attackers to obtain sensitive information via requests to unspecified pages because database credentials are stored in cleartext. **Recommendations** For Agile FleetCommander versions prior to 4.08, update to version 4.08 or later to resolve the issue. For Agile FleetCommander Kiosk versions prior to 4.08, update to version 4.08 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Agile FleetCommander versions prior to 4.08 Agile FleetCommander Kiosk versions prior to 4.08 **Description** The issue makes it easier for context-dependent attackers to obtain sensitive information. This is due to the use of an XOR format for password encryption, allowing attackers to read a key file and the encrypted strings. **Recommendations** For Agile FleetCommander versions prior to 4.08, update to version 4.08 or later. For Agile FleetCommander Kiosk versions prior to 4.08, update to version 4.08 or later.

**Name of the Vulnerable Software and Affected Versions** Agile FleetCommander versions prior to 4.08 Agile FleetCommander Kiosk versions prior to 4.08 **Description** The issue allows remote attackers to inject arbitrary web script or HTML via an arbitrary text field, which can lead to cross-site scripting (XSS) attacks. **Recommendations** For Agile FleetCommander versions prior to 4.08, update to version 4.08 or later. For Agile FleetCommander Kiosk versions prior to 4.08, update to version 4.08 or later.

**Name of the Vulnerable Software and Affected Versions** Agile FleetCommander versions prior to 4.08 Agile FleetCommander Kiosk versions prior to 4.08 **Description** The issue allows remote attackers to hijack the authentication of arbitrary users for requests that modify passwords, accounts, or permissions due to multiple cross-site request forgery (CSRF) vulnerabilities. **Recommendations** For Agile FleetCommander versions prior to 4.08, update to version 4.08 or later. For Agile FleetCommander Kiosk versions prior to 4.08, update to version 4.08 or later.

**Name of the Vulnerable Software and Affected Versions** Johnson Controls CK721-A controller versions prior to SSM4388 03.1.0.14 BB **Description** The issue allows remote attackers to perform arbitrary actions via crafted packets to the TCP port 41014, also known as the download port. **Recommendations** For versions prior to SSM4388 03.1.0.14 BB, update the firmware to SSM4388 03.1.0.14 BB or later to resolve the issue. As a temporary workaround, consider restricting access to TCP port 41014 to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Bradford Network Sentry versions prior to 5.3.3 **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the GuestAccess.jsp file within the Guest/Contractor access component of the administrative interface. These vulnerabilities allow remote authenticated users to inject arbitrary web script or HTML via unspecified fields. **Recommendations** For versions prior to 5.3.3, update to version 5.3.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the GuestAccess.jsp file until a patch is applied. Avoid using unspecified fields in the Guest/Contractor access component of the administrative interface until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Bradford Network Sentry versions prior to 5.3.3 **Description** The issue concerns multiple cross-site request forgery (CSRF) vulnerabilities in the administrative interface. These vulnerabilities allow remote attackers to hijack the authentication of administrators for requests, including inserting XSS sequences or sending messages to clients. **Recommendations** For versions prior to 5.3.3, update to version 5.3.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the administrative interface to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Bradford Network Sentry versions prior to 5.3.3 **Description** The issue allows remote attackers to trigger the display of arbitrary text on a workstation via a crafted packet to "UDP port 4567", as demonstrated by a replay attack, due to the lack of authentication requirement for messages. **Recommendations** For versions prior to 5.3.3, update to version 5.3.3 or later to resolve the issue. As a temporary workaround, consider restricting access to UDP port 4567 to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** BMC Identity Management Suite version 7.5.00.103 **Description** A cross-site request forgery issue exists, allowing remote attackers to hijack administrator authentication for password change requests. The issue is related to the password-manager/changePasswords.do endpoint. **Recommendations** For BMC Identity Management Suite version 7.5.00.103, consider disabling access to the password-manager/changePasswords.do endpoint until a fix is available to prevent exploitation.

**Name of the Vulnerable Software and Affected Versions** ForeScout CounterACT appliance versions 6.3.3.2 through 6.3.4.10 **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the status program. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via specific parameters. The vulnerable parameters are the `loginname` parameter in a forgotpass action and the `username` parameter. **Recommendations** For ForeScout CounterACT appliance versions 6.3.3.2 through 6.3.4.10, avoid using the `loginname` parameter in a forgotpass action and the `username` parameter until a fix is available. As a temporary workaround, consider restricting access to the forgotpass action and limiting the use of the `username` parameter to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Bloxx Web Filtering versions prior to 5.0.14 **Description** The issue allows context-dependent attackers to determine cleartext passwords more easily via a rainbow-table approach because it does not use a salt during the calculation of a password hash. **Recommendations** For versions prior to 5.0.14, update to version 5.0.14 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Bloxx Web Filtering versions prior to 5.0.14 **Description** The issue concerns multiple cross-site request forgery (CSRF) vulnerabilities in the administrative interface. These vulnerabilities allow remote attackers to hijack the authentication of administrators for requests that perform administrative actions. **Recommendations** For versions prior to 5.0.14, update to version 5.0.14 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Bloxx Web Filtering versions prior to 5.0.14 **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via web traffic examined within the Bloxx Reports component. Additionally, remote authenticated administrators can inject arbitrary web script or HTML via vectors involving administrative menu functions. **Recommendations** For versions prior to 5.0.14, update to version 5.0.14 or later to resolve the issue. As a temporary workaround, consider restricting access to the Bloxx Reports component and administrative menu functions to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Mutare EVM (affected versions not specified) **Description** The issue concerns multiple cross-site request forgery (CSRF) vulnerabilities. These vulnerabilities allow remote attackers to hijack the authentication of arbitrary users for specific requests, including changing a PIN, deleting messages, adding a delivery address, or changing a delivery address. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mutare EVM (affected versions not specified) **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML, potentially via a delivery address and possibly a PIN. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.