sessionlist.html and sys_trayentryreboot.html are accessible with no authentication. sessionlist.html provides logged-in users session information including session cookies, and sys_trayentryreboot.html allows to reboot the device. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
A product requires authentication, but the product has an alternate path or channel that does not require authentication.