Advisories

LTE (4G) Modems and Routers from ZTE contained an SQL Injection vulnerability in the SMS functionality. 

The Synology Router Manager (SRM) web portal contains a DOM based reflected XSS vulnerability. The SRM web portal is used by multiple Synology routers. The vulnerability allows a malicious user to run JavaScript code in the context of the victim's browser, if the victim clicks a crafted URL.

The OpenText Archive Center Administration Client (Versions 16.2.3, 21.2 and previous) allow XML External Entity (XXE) attacks. This allows malicious authenticated users to exfiltrate the contents of files on the application host, carry out port scanning activities, or potentially cause a localized Denial of Service (DOS) attack against the application instance and system of the user running it.

The Megafeis API server had an insufficient password policy for its user accounts. This would facilitate an attacker's efforts to obtain user passwords via password guessing attacks. Additionally, the API server did not appear to have a rate-limiting function in place, increasing the likelihood of a successful password brute force attack against the server.

An information disclosure issue was discovered allowed an attacker within Bluetooth broadcast range of a target Megafeis-branded Smartlock to acquire sensitive information. This information was the email address and phone number associated with accounts which owned Megafeis smart locks. This information can be combined with related issues discovered by the researcher to facilitate an attacker's efforts take over the target user's account.