Waiwai24

**Name of the Vulnerable Software and Affected Versions** Vaelsys version 4.1.0 **Description** A critical issue exists in Vaelsys 4.1.0 related to os command injection. The `execute DataObjectProc` function within the `/grid/vgrid server.php` file is vulnerable. Manipulation of the `xajaxargs` argument can lead to unauthorized command execution. The exploit has been publicly disclosed. **Recommendations** As a temporary workaround, consider restricting access to the `/grid/vgrid server.php` file until a patch is available. Avoid using the `xajaxargs` argument in the affected file `/grid/vgrid server.php` until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Vaelsys version 4.1.0 **Description** A critical vulnerability exists in the User Creation Handler component of the software, affecting unknown processing of the file `/grid/vgrid server.php`. This manipulation results in improper authorization, potentially allowing remote attackers to exploit the issue. The exploit has been publicly disclosed. The vendor was contacted regarding this disclosure but did not respond. **Recommendations** Versions prior to 4.1.0 are not affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Vaelsys version 4.1.0 **Description** A vulnerability has been found in Vaelsys 4.1.0 and classified as problematic. This vulnerability affects unknown code of the file `/grid/vgrid server.php` of the component MD4 Hash Handler. The manipulation of the argument `xajaxargs` leads to the use of a weak hash. The attack can be initiated remotely, but the complexity is rather high and exploitation appears to be difficult. The exploit has been disclosed to the public. The vendor was contacted about this disclosure but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions:** Teledyne FLIR FB-Series O versions 1.3.2.16 Teledyne FLIR FH-Series versions 1.3.2.16 **Description:** A critical issue exists in Teledyne FLIR FB-Series O and FLIR FH-Series. The vulnerability is related to improper access controls within the Production Tools component, specifically affecting the file `/priv/production/production.html`. The issue can be exploited remotely. The exploit has been publicly disclosed and may be actively used. The vendor was informed of the issue but did not respond. **Recommendations:** Teledyne FLIR FB-Series O version 1.3.2.16: At the moment, there is no information about a newer version that contains a fix for this vulnerability. Teledyne FLIR FH-Series version 1.3.2.16: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions:** Teledyne FLIR FB-Series O and FLIR FH-Series ID version 1.3.2.16 **Description:** A problematic issue exists due to the use of a hard-coded password. The attack can be initiated remotely and has a rather high complexity, with exploitation considered difficult. The exploit has been publicly disclosed and may be used. The vendor was contacted but did not respond. **Recommendations:** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions:** Teledyne FLIR FB-Series O and FLIR FH-Series version 1.3.2.16 **Description:** A critical issue exists in the `sendCommand` function of the `runcmd.sh` file. Manipulation of the `cmd` argument can lead to command injection. The attack can be initiated remotely, but is considered complex and difficult to exploit. The functionality is currently disabled due to server CGI configuration errors, but is considered a potential risk. The vendor was contacted but did not respond. **Recommendations:** Versions prior to 1.3.2.16: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: LB-LINK BL-AC1900 LB-LINK BL-AC2100 AZ3 LB-LINK BL-AC3600 LB-LINK BL-AX1800 LB-LINK BL-AX5400P LB-LINK BL-WR9000 versions up to 20250702 Description: A critical vulnerability exists that leads to information disclosure. The vulnerability affects the `bs GetHostInfo` function within the `libblinkapi.so` library, located in the `/cgi-bin/lighttpd.cgi` file. The attack can be initiated remotely. The exploit has been publicly disclosed. Recommendations: For LB-LINK BL-AC1900, BL-AC2100 AZ3, BL-AC3600, BL-AX1800, BL-AX5400P, and BL-WR9000 versions up to 20250702, update to a newer version that addresses this issue. As a temporary workaround, consider restricting access to the `/cgi-bin/lighttpd.cgi` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions:** LB-LINK BL-AC1900 LB-LINK BL-AC2100 AZ3 LB-LINK BL-AC3600 LB-LINK BL-AX1800 LB-LINK BL-AX5400P LB-LINK BL-WR9000 versions up to 20250702 **Description:** A critical vulnerability exists that leads to information disclosure. The issue is located in the `bs GetManPwd` function within the `libblinkapi.so` library of the `/cgi-bin/lighttpd.cgi` file. The attack can be initiated remotely. The exploit has been publicly disclosed. **Recommendations:** For LB-LINK BL-AC1900, BL-AC2100 AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 versions up to 20250702, update to a version later than 20250702.

**Name of the Vulnerable Software and Affected Versions** LB-LINK BL-AC1900, BL-AC2100 AZ3, BL-AC3600, BL-AX1800, BL-AX5400P, BL-WR9000 versions up to 20250702 **Description** A critical vulnerability exists in the Web Interface component of the affected devices. The vulnerability is related to the `reboot/restore` function within the `/cgi-bin/lighttpd.cgi` file, leading to improper authentication. This allows for remote attacks. The exploit for this issue has been publicly disclosed. The vendor was informed of the vulnerability but did not respond. **Recommendations** LB-LINK BL-AC1900 versions prior to 20250702 LB-LINK BL-AC2100 AZ3 versions prior to 20250702 LB-LINK BL-AC3600 versions prior to 20250702 LB-LINK BL-AX1800 versions prior to 20250702 LB-LINK BL-AX5400P versions prior to 20250702 LB-LINK BL-WR9000 versions prior to 20250702 As a temporary workaround, consider disabling access to the `/cgi-bin/lighttpd.cgi` file until a patch is available.

Name of the Vulnerable Software and Affected Versions: LB-LINK BL-AC3600 versions up to 1.0.22 Description: A critical issue exists in the Web Management Interface component of LB-LINK BL-AC3600. The `geteasycfg` function within the `/cgi-bin/lighttpd.cgi` file is susceptible to information disclosure through manipulation of the `Password` argument. This attack can be initiated remotely. The exploit has been publicly disclosed. Recommendations: Versions prior to 1.0.22: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LB-LINK BL-AC3600 version 1.0.22 **Description** A critical vulnerability exists in LB-LINK BL-AC3600 version 1.0.22. The issue affects some unknown functionality of the file `/etc/shadow`. Manipulation of the input `root:blinkadmin` leads to the exposure of hard-coded credentials. Local access is required for exploitation. The exploit has been publicly disclosed. The vendor was notified but did not respond. **Recommendations** LB-LINK BL-AC3600 version 1.0.22: At the moment, there is no information about a newer version that contains a fix for this vulnerability.