Xxynb

**Name of the Vulnerable Software and Affected Versions** Comfast CF-N1-S version 2.6.0.1 **Description** A security flaw in the Endpoint component allows remote attackers to perform command injection. This occurs through the manipulation of the `destination` argument within the '/cgi-bin/mbox-config?method=SET&section=ping config' endpoint. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Ziroom ZHOME A0101 version 1.0.1.0 **Description** A weakness exists in the Dropbear SSH Service component of Ziroom ZHOME A0101. This issue allows for the use of default credentials, potentially enabling remote exploitation. The exploitability is considered difficult, but the exploit has been publicly released. The vendor was contacted regarding this issue but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.