Xistence

**Name of the Vulnerable Software and Affected Versions** ZOHO ManageEngine OpManager versions 11.5 build 11600 and earlier **Description** The issue allows remote authenticated users to obtain administrator access by leveraging knowledge of a hardcoded password. The hardcoded password is used for the IntegrationUser account. **Recommendations** For ZOHO ManageEngine OpManager versions 11.5 build 11600 and earlier, change the hardcoded password `plugin` for the IntegrationUser account to a unique and secure password to prevent unauthorized access. As a temporary workaround, consider restricting access to the IntegrationUser account until a secure password is set.

**Name of the Vulnerable Software and Affected Versions** ManageEngine OpManager versions 11.6, 11.5, and earlier **Description** The issue allows remote administrators to bypass SQL query restrictions. This can be achieved by including a comment in the query to the "api/json/admin/SubmitQuery" API endpoint, such as using "INSERT/**/INTO" to bypass restrictions. **Recommendations** For ManageEngine OpManager versions 11.6, 11.5, and earlier, consider restricting access to the "api/json/admin/SubmitQuery" API endpoint until a fix is available. As a temporary workaround, limit the ability of remote administrators to submit queries that could potentially bypass SQL query restrictions.

**Name of the Vulnerable Software and Affected Versions** Western Digital Arkeia versions 11.0.12 and earlier **Description** The issue is related to insufficient access control in the arkeiad daemon of the Arkeia Backup Agent, allowing remote attackers to bypass authentication. Attackers can execute arbitrary commands by sending a series of crafted requests involving the `ARKFS EXEC CMD` operation. **Recommendations** For Western Digital Arkeia versions 11.0.12 and earlier, consider restricting access to the arkeiad daemon to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the `ARKFS EXEC CMD` operation in the affected daemon until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ManageEngine EventLog Analyzer versions 10.6 build 10060 and earlier **Description** The issue allows remote attackers to bypass intended restrictions and execute arbitrary SQL commands. This can be achieved by sending an allowed query followed by a disallowed one in the `query` parameter to the "event/runQuery.do" endpoint, as demonstrated by "SELECT 1;INSERT INTO." **Recommendations** For ManageEngine EventLog Analyzer versions 10.6 build 10060 and earlier, update to Build 11200 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** ManageEngine SupportCenter Plus versions 7.9 through 7917 **Description** A directory traversal issue allows remote attackers to read arbitrary files by using a ..%2f (dot dot encoded slash) in the `attach` parameter to "WorkOrder.do" in the file attachment for a new ticket. **Recommendations** For ManageEngine SupportCenter Plus versions 7.9 through 7917, update to version 7917 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Cisco WAP4410N access point versions 2.0.6.1 and earlier Cisco WRVS4400N router versions 1.1.13 and earlier, versions 2.0.2.1 and earlier Cisco RVS4000 router versions 2.0.3.2 and earlier **Description** The issue allows remote attackers to read credential and configuration data and execute arbitrary commands via requests to the test interface on TCP port 32764. **Recommendations** For Cisco WAP4410N access point versions 2.0.6.1 and earlier, update the firmware to a version later than 2.0.6.1. For Cisco WRVS4400N router versions 1.1.13 and earlier, update the firmware to a version later than 1.1.13. For Cisco WRVS4400N router versions 2.0.2.1 and earlier, update the firmware to a version later than 2.0.2.1. For Cisco RVS4000 router versions 2.0.3.2 and earlier, update the firmware to a version later than 2.0.3.2. As a temporary workaround, consider restricting access to the test interface on TCP port 32764 until a patch is available.