
Zh3-H4Ck

#20534 of 53,633
12.4 Total CVSS
Vulnerabilities · 2
Medium · 2
PT-2021-10271
6.9
2021-10-06
Gate One · Gateone · CVE-2020-19003
**Name of the Vulnerable Software and Affected Versions** Gate One version 1.2.0

**Description** The issue allows attackers to bypass the verification check done by the origins list and connect to Gate One instances used by hosts not on the origins list.

**Recommendations** For Gate One version 1.2.0, consider restricting access to the origins list to prevent unauthorized connections until a patch is available. As a temporary workaround, review and manually verify the hosts connected to Gate One instances to ensure they are authorized. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2020-15332
5.5
2020-09-30
Frontaccounting · Frontaccounting · CVE-2020-21244
**Name of the Vulnerable Software and Affected Versions** FrontAccounting version 2.4.7

**Description** An issue was discovered in FrontAccounting, which is a Directory Traversal vulnerability. This vulnerability can be exploited to empty a folder via the `admin/inst_lang.php` endpoint. The estimated number of potentially affected devices worldwide is not available.

**Recommendations** For FrontAccounting version 2.4.7, as a temporary workaround, consider restricting access to the `admin/inst_lang.php` endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.