Utku Sen

**Name of the Vulnerable Software and Affected Versions** Huawei HG255s (affected versions not specified) **Description** The issue is related to a Clickjacking vulnerability. An attacker may trick a user into clicking a link, which could affect the integrity of a device by exploiting this vulnerability. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** KERUI Wifi Endoscope Camera (YPC99) (affected versions not specified) **Description** The issue concerns missing authentication and improper input validation, allowing an attacker to execute arbitrary commands with a length limit of 19 characters via the `ssid` value in the body of a SETSSID command. For example, an attacker could use `ssid:;ping 192.168.1.2` to execute a command. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** KERUI Wifi Endoscope Camera (YPC99) (affected versions not specified) **Description** The issue concerns a lack of authentication in the KERUI Wifi Endoscope Camera, allowing unauthorized access to watch or block the camera stream. Specifically, the RTSP server on port 7070 is vulnerable, as it accepts commands without proper authentication. An attacker can use the `STOP` command to stop streaming and the `SETSSID` command to disconnect a user. **Recommendations** For KERUI Wifi Endoscope Camera (YPC99), consider disabling the RTSP server on port 7070 until a proper authentication mechanism is implemented to prevent unauthorized access to the camera stream. Restrict access to the `STOP` and `SETSSID` commands to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Airtame HDMI dongle versions prior to 3.0 **Description** The issue allows an attacker to set their own session ID via a "Cookie: PHPSESSID=" header in the `/bin/login.php` file of the Web Panel. This can be used to achieve persistent access to the admin panel even after an admin password change. **Recommendations** For versions prior to 3.0, update the firmware to version 3.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the `/bin/login.php` file to minimize the risk of exploitation. Avoid using the `PHPSESSID` variable in the Cookie header until the issue is resolved.