Zhou Yu

**Name of the Vulnerable Software and Affected Versions** Advantech WebAccess versions 8.1 and prior **Description** An Absolute Path Traversal issue may allow an attacker to traverse the file system to access restricted files or directories. **Recommendations** For Advantech WebAccess versions 8.1 and prior, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Moxa SoftCMS versions prior to 1.6 **Description** An issue in Moxa SoftCMS Webserver allows an attacker to provide unexpected input values, potentially causing the program to crash or leading to excessive consumption of resources, which could result in a denial-of-service condition. **Recommendations** For versions prior to 1.6, update to version 1.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the webserver to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Moxa DACenter versions 1.4 and older **Description** An issue was discovered in the application, which may suffer from an unquoted search path issue. **Recommendations** For Moxa DACenter versions 1.4 and older, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Moxa DACenter versions 1.4 and older **Description** An issue was discovered that may cause the program to crash due to Uncontrolled Resource Consumption when a specially crafted project file is used. **Recommendations** For Moxa DACenter versions 1.4 and older, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Moxa SoftCMS versions prior to 1.6 **Description** The issue allows a remote attacker to gain access with administrator privileges through specially crafted input, leveraging a SQL injection technique. This occurs because the SoftCMS Application does not properly sanitize input. **Recommendations** For versions prior to 1.6, update to version 1.6 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Moxa SoftCMS versions prior to 1.6 **Description** A specially crafted URL request sent to the SoftCMS ASP Webserver can cause a double free condition on the server, allowing an attacker to modify memory locations and possibly cause a denial of service or the execution of arbitrary code. **Recommendations** For versions prior to 1.6, update to version 1.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the ASP Webserver to minimize the risk of exploitation. Avoid using specially crafted URL requests in the affected ASP Webserver until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Moxa Active OPC Server versions prior to 2.4.19 **Description** The issue allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory. This is due to an unquoted Windows search path vulnerability. **Recommendations** For versions prior to 2.4.19, update to version 2.4.19 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Moxa SoftCMS versions prior to 1.5 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via unspecified fields, potentially leading to unauthorized access or data manipulation. **Recommendations** For versions prior to 1.5, update to version 1.5 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive database fields and implementing additional input validation measures to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Advantech WebAccess versions prior to 8.1 20160519 **Description** The issue allows remote authenticated administrators to obtain sensitive password information. **Recommendations** For versions prior to 8.1 20160519, update to version 8.1 20160519 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** General Electric (GE) Digital Proficy HMI/SCADA - CIMPLICITY versions prior to 8.2 SIM 27 **Description** The issue is related to the mishandling of service DACLs, which allows local users to modify a service configuration. This can be achieved via unspecified vectors. **Recommendations** For versions prior to 8.2 SIM 27, update to version 8.2 SIM 27 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Advantech WebAccess versions prior to 8.1 20160519 **Description** The issue is related to unspecified ActiveX controls and errors in the code of the Advantech WebAccess software. It may allow a remote authenticated user to obtain sensitive information or modify data. The exploitation is connected to the INTERFACESAFE FOR UNTRUSTED CALLER flag, which is related to safety for scripting. **Recommendations** For Advantech WebAccess versions prior to 8.1 20160519, update to version 8.1 20160519 or later to resolve the issue. As a temporary workaround, consider restricting access to the ActiveX controls until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Oracle Enterprise Manager Grid Control versions 12.4.0.2 through 12.5.0.2 **Description** The issue affects confidentiality and integrity, potentially allowing remote attackers to bypass authentication. It is related to Load Testing for Web Apps. There are claims that this could be a directory traversal vulnerability in the `isAllowedUrl` function, which may allow attackers to bypass authentication via directory traversal sequences following a URI entry that does not require authentication, such as `/olt/Login.do/../../olt/UploadFileUpload.do`. **Recommendations** For versions 12.4.0.2 and 12.5.0.2, consider restricting access to the Load Testing for Web Apps component until a patch is available. As a temporary workaround, consider disabling the `isAllowedUrl` function to prevent potential directory traversal attacks. Avoid using URI entries that do not require authentication in the affected Load Testing for Web Apps component until the issue is resolved.