Valentin Lobstein

**Name of the Vulnerable Software and Affected Versions** NVIDIA Spatial Intelligence Lab's (SIL) GEN3C (affected versions not specified) **Description** The inference API server contains an unauthenticated remote code execution flaw. The endpoints '/request-inference' and '/seed-model' deserialize raw HTTP request bodies using the Python `pickle.loads()` function without requiring authentication or performing input validation. An attacker can send a crafted payload containing a ` reduce ` gadget to the inference API port to execute arbitrary code with the privileges of the inference process. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NetBox versions 4.3.5 through 4.5.4 **Description** An issue in the `RenderTemplateMixin.get environment params()` method allows authenticated users with `exporttemplate` or `configtemplate` permissions to execute arbitrary code. By specifying malicious Python callables in the `environment params` field, attackers can bypass Jinja2 SandboxedEnvironment protections. This is achieved by setting the `finalize` parameter to an importable Python callable, such as `subprocess.getoutput`, which is then invoked on every rendered expression outside the sandbox's call interception mechanism, resulting in remote code execution as the NetBox service user. **Recommendations** Update NetBox to a version later than 4.5.4. As a temporary workaround, restrict the `exporttemplate` and `configtemplate` permissions to only trusted users.

**Name of the Vulnerable Software and Affected Versions** OpenCATS versions prior to commit 3002a29 **Description** An unauthenticated PHP code injection issue exists in the installer AJAX endpoint. This allows attackers to execute arbitrary code by injecting PHP statements into the `databaseConnectivity` action parameter. By using a single quote and statement separator, an attacker can break out of the `define()` string context in the config.php file. The injected malicious code persists and executes on every subsequent page load as long as the installation wizard remains incomplete. **Recommendations** Update to commit 3002a29 or a newer version.

**Name of the Vulnerable Software and Affected Versions** LeRobot versions prior to 0.6.0 **Description** An unsafe deserialization issue exists in the asynchronous inference pipeline of the LeRobot robotics platform. The software uses the `pickle.loads()` function to deserialize data received over unauthenticated gRPC channels without TLS in the policy server and robot client components. A network-reachable unauthenticated attacker can achieve arbitrary code execution on the server or client by sending a specially crafted pickle payload through the 'SendPolicyInstructions', 'SendObservations', or 'GetActions' gRPC calls. This flaw specifically affects the PolicyServer component, potentially allowing the attacker to execute operating system commands on the host machine, steal sensitive data such as API keys and SSH credentials, or compromise connected robots and physical systems. **Recommendations** Update to version 0.6.0 once available. As a temporary workaround, restrict network access to the PolicyServer port to trusted sources only. Avoid using the 'SendPolicyInstructions', 'SendObservations', and 'GetActions' gRPC calls over unauthenticated and non-TLS channels.

**Name of the Vulnerable Software and Affected Versions** KTransformers versions prior to 0.5.4 **Description** In the `balance serve` backend mode, the scheduler RPC server binds a ZMQ ROUTER socket to all interfaces without authentication. The server uses the `pickle.loads()` function to deserialize incoming messages without proper validation. This allows an attacker to send a specially crafted pickle payload to the exposed ZMQ socket, leading to arbitrary code execution on the server with the privileges of the ktransformers process. **Recommendations** Update to a version newer than 0.5.3. As a temporary mitigation, restrict access to the ZMQ socket or avoid using the `balance serve` backend mode until the update is applied.

Name of the Vulnerable Software and Affected Versions V2Board versions 1.6.1 through 1.7.4 and Xboard versions through 0.1.9 Description V2Board and Xboard are affected by an issue where authentication tokens are exposed in the HTTP response bodies of the `loginWithMailLink` endpoint when the `login with mail link enable` feature is active. An unauthenticated attacker can send a POST request to the `loginWithMailLink` endpoint with a known email address and receive a full authentication URL in the response. This URL can then be used to exchange the token at the `token2Login` endpoint, granting the attacker a valid bearer token with full account access, including administrative privileges. Recommendations For V2Board versions 1.6.1 through 1.7.4, disable the `login with mail link enable` feature. For Xboard versions through 0.1.9, disable the `login with mail link enable` feature.

Name of the Vulnerable Software and Affected Versions Windmill versions 1.56.0 through 1.614.0 Description Windmill versions 1.56.0 through 1.614.0 have a missing authorization vulnerability. Users with the Operator role can perform prohibited entity creation and modification actions via the backend API. The API does not enforce the Operator restriction on workspace endpoints, allowing Operators to create and update scripts, flows, apps, and raw apps. Operators can also execute scripts via the jobs API, potentially leading to remote code execution within the Windmill deployment. Recommendations Update Windmill to a version later than 1.614.0.

Name of the Vulnerable Software and Affected Versions Windmill CE and EE versions 1.276.0 through 1.603.2 Description Windmill CE and EE versions 1.276.0 through 1.603.2 contain an SQL injection vulnerability in the folder ownership management functionality. Authenticated attackers can inject SQL through the `owner` parameter. This injection allows attackers to read sensitive data, such as the JWT signing secret and administrative user identifiers, forge an administrative token, and then execute arbitrary code via the workflow execution endpoints. Recommendations Windmill CE and EE versions 1.276.0 through 1.603.2 should be updated to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the folder ownership management functionality.

**Name of the Vulnerable Software and Affected Versions** OmniGen2-RL (affected versions not specified) **Description** OmniGen2-RL contains an unauthenticated remote code execution issue in the reward server component. Remote attackers can execute arbitrary commands by sending malicious HTTP POST requests. The root cause is insecure deserialization of request bodies using Python’s pickle module. The vulnerability does not require authentication, simplifying exploitation. The specific HTTP endpoint involved has not been detailed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Keygraph Shannon (affected versions not specified) **Description** Keygraph Shannon contains a hard-coded API key within its router configuration. When the router component is enabled and accessible, network attackers can use this publicly known key to authenticate. An attacker reaching the router port can proxy requests through the Shannon instance, utilizing the victim’s upstream provider API credentials. This can lead to unauthorized API usage and potential exposure of data within proxied requests and responses. The general exploitability of this issue has been mitigated with commit 023cc95. The affected API endpoint is the router configuration. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** openDCIM versions through 23.04 commit 4467e9c4 **Description** The software contains a SQL injection issue in the `Config::UpdateParameter` function. The `install.php` and `container-install.php` handlers directly incorporate user-provided input into SQL statements using string interpolation, lacking prepared statements or adequate input sanitization. An authenticated user can execute arbitrary SQL statements against the database. The vulnerable parameters are passed to the SQL statements without proper validation. **Recommendations** Versions prior to 23.04 commit 4467e9c4 should be updated.

**Name of the Vulnerable Software and Affected Versions** openDCIM versions 23.04 through commit 4467e9c4 **Description** The application retrieves the `dot` configuration parameter from the database and passes it directly to the `exec()` function without validation or sanitation. If an attacker can modify the `fac Config.dot` value, arbitrary commands may be executed in the context of the web server process. The vulnerable file is `report network map.php`. **Recommendations** Versions prior to commit 4467e9c4 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** openDCIM version 23.04 through commit 4467e9c4 **Description** The installer and upgrade handler expose LDAP configuration functionality without enforcing application role checks. This allows any authenticated user to access the functionality regardless of their assigned privileges. In deployments where `REMOTE USER` is set without authentication enforcement, the endpoints "install.php" and "container-install.php" may be accessible without credentials, enabling unauthorized modification of the application configuration. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SPIP jeux plugin versions prior to 4.1.1 **Description** The SPIP jeux plugin incorporates untrusted request parameters into HTML output without proper output encoding, which allows attackers to inject arbitrary script content into pages that render a jeux block. When a victim visits a crafted URL, the injected content is reflected into the response and executed in the victim's browser context. This is a reflected cross-site scripting (XSS) issue located in the `pre propre` pipeline. **Recommendations** Update the SPIP jeux plugin to version 4.1.1 or later.

**Name of the Vulnerable Software and Affected Versions** SPIP interface traduction objets plugin versions prior to 2.2.2 SPIP interface traduction objets plugin versions 2.2.2 through 4.3.3 **Description** The SPIP interface traduction objets plugin contains an authenticated remote code execution issue in the translation interface workflow. The plugin incorporates untrusted request data into a hidden form field that is rendered without SPIP output filtering. Fields prefixed with an underscore bypass protection mechanisms, and the hidden content is rendered with filtering disabled. This allows an authenticated attacker with editor-level privileges to inject crafted content that is evaluated through SPIP's template processing chain, resulting in code execution in the context of the web server. **Recommendations** Update the SPIP interface traduction objets plugin to version 2.2.2 or later. Update the SPIP interface traduction objets plugin to version 4.3.3 or later.

**Name of the Vulnerable Software and Affected Versions** SPIP interface traduction objets plugin versions prior to 4.3.3 **Description** The SPIP interface traduction objets plugin is susceptible to an authenticated SQL injection issue. The plugin does not properly validate input for the `id parent` parameter when processing translation requests, specifically within the `interface traduction objets pipelines.php` file. This parameter is directly incorporated into a SQL query using the `sql getfetsel()` function without appropriate sanitization or parameterization. An attacker with editor-level privileges can inject malicious SQL code through the `id parent` parameter, potentially leading to database disclosure or modification, and potentially denial of service. **Recommendations** Update the SPIP interface traduction objets plugin to version 4.3.3 or later.

**Name of the Vulnerable Software and Affected Versions** SPIP referer spam plugin versions prior to 1.3.0 **Description** The referer spam plugin is susceptible to an unauthenticated SQL injection. This occurs because the plugin’s `referer spam ajouter` and `referer spam supprimer` action handlers directly incorporate the `url` parameter from GET requests into SQL LIKE clauses without proper validation or parameterization. These endpoints lack authorization checks and SPIP action protections. This allows remote attackers to execute arbitrary SQL queries. **Recommendations** Update to referer spam plugin version 1.3.0 or later.

**Name of the Vulnerable Software and Affected Versions** SPIP tickets plugin versions prior to 4.3.3 **Description** The SPIP tickets plugin is affected by a remote code execution issue. An unauthenticated attacker can execute code on the web server through crafted content injection. The plugin appends untrusted request parameters into HTML that is rendered by a template using unfiltered environment rendering (`#ENV`), disabling SPIP output filtering. This allows the attacker to inject content that is evaluated by SPIP’s template processing chain. **Recommendations** Update the SPIP tickets plugin to version 4.3.3 or later.

**Name of the Vulnerable Software and Affected Versions** MajorDoMo (affected versions not specified) **Description** MajorDoMo contains an unauthenticated SQL injection issue in the commands module. The `commands search.inc.php` file directly uses the `$ GET['parent']` parameter in SQL queries without proper sanitization or parameterized queries. The `/objects/?module=commands` API endpoint allows loading arbitrary modules without authentication, calling their `usual()` method. This allows exploitation through time-based blind SQL injection using `UNION SELECT SLEEP()` syntax. Successful exploitation can lead to the extraction of admin credentials, which are stored as unsalted MD5 hashes in the users table, and subsequent access to the admin panel. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MajorDoMo versions (affected versions not specified) **Description** MajorDoMo contains a stored cross-site scripting (XSS) issue through the `/objects/?op=set` API endpoint. This endpoint is intentionally unauthenticated for integration with IoT devices. User-provided property values are saved into the database without proper sanitization. When an administrator views the property editor within the admin panel, these stored values are displayed without escaping, both within a paragraph tag (SOURCE field) and a textarea element (VALUE field). The XSS is triggered upon page load, requiring no user interaction from the administrator. Furthermore, the session cookie does not have the HttpOnly flag set, which allows for session hijacking through `document.cookie` exfiltration. An attacker can identify properties using the unauthenticated `/api.php/data/` API endpoint and inject malicious JavaScript into any property. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.