Search criteria
4 vulnerabilities by Plat'Home Co.,Ltd.
CVE-2020-5549 (GCVE-0-2020-5549)
Vulnerability from cvelistv5 – Published: 2020-04-08 07:50 – Updated: 2024-08-04 08:30
VLAI?
Summary
Cross-site request forgery (CSRF) vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier and Enterprise Ver. 2.0.1 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- Cross-site request forgery
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Plat'Home Co.,Ltd. | EasyBlocks IPv6 |
Affected:
Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:30:24.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.plathome.co.jp/software/ipv6-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN89224521/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EasyBlocks IPv6",
"vendor": "Plat\u0027Home Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier and Enterprise Ver. 2.0.1 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site request forgery",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-08T07:50:23",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.plathome.co.jp/software/ipv6-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN89224521/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2020-5549",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EasyBlocks IPv6",
"version": {
"version_data": [
{
"version_value": "Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier"
}
]
}
}
]
},
"vendor_name": "Plat\u0027Home Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier and Enterprise Ver. 2.0.1 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site request forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.plathome.co.jp/software/ipv6-v2-0-2/",
"refsource": "MISC",
"url": "https://www.plathome.co.jp/software/ipv6-v2-0-2/"
},
{
"name": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/",
"refsource": "MISC",
"url": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/"
},
{
"name": "https://jvn.jp/en/jp/JVN89224521/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN89224521/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2020-5549",
"datePublished": "2020-04-08T07:50:23",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:30:24.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5550 (GCVE-0-2020-5550)
Vulnerability from cvelistv5 – Published: 2020-04-08 07:50 – Updated: 2024-08-04 08:30
VLAI?
Summary
Session fixation vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier allows remote attackers to impersonate a registered user and log in the management console, that may result in information alteration/disclosure via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- Session fixation
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Plat'Home Co.,Ltd. | EasyBlocks IPv6 |
Affected:
Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:30:24.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.plathome.co.jp/software/ipv6-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN89224521/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EasyBlocks IPv6",
"vendor": "Plat\u0027Home Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Session fixation vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier allows remote attackers to impersonate a registered user and log in the management console, that may result in information alteration/disclosure via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Session fixation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-08T07:50:23",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.plathome.co.jp/software/ipv6-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN89224521/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2020-5550",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EasyBlocks IPv6",
"version": {
"version_data": [
{
"version_value": "Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier"
}
]
}
}
]
},
"vendor_name": "Plat\u0027Home Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Session fixation vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier allows remote attackers to impersonate a registered user and log in the management console, that may result in information alteration/disclosure via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Session fixation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.plathome.co.jp/software/ipv6-v2-0-2/",
"refsource": "MISC",
"url": "https://www.plathome.co.jp/software/ipv6-v2-0-2/"
},
{
"name": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/",
"refsource": "MISC",
"url": "https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/"
},
{
"name": "https://jvn.jp/en/jp/JVN89224521/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN89224521/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2020-5550",
"datePublished": "2020-04-08T07:50:23",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:30:24.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5535 (GCVE-0-2020-5535)
Vulnerability from cvelistv5 – Published: 2020-03-04 01:35 – Updated: 2024-08-04 08:30
VLAI?
Summary
OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- OS Command Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Plat'Home Co.,Ltd. | OpenBlocks IoT VX2 |
Affected:
prior to Ver.4.0.0 (Ver.3 Series)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:30:24.607Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN19666251/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.plathome.co.jp/software/vx2-v4-0-0/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OpenBlocks IoT VX2",
"vendor": "Plat\u0027Home Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "prior to Ver.4.0.0 (Ver.3 Series)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-04T01:35:19",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN19666251/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.plathome.co.jp/software/vx2-v4-0-0/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2020-5535",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OpenBlocks IoT VX2",
"version": {
"version_data": [
{
"version_value": "prior to Ver.4.0.0 (Ver.3 Series)"
}
]
}
}
]
},
"vendor_name": "Plat\u0027Home Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jvn.jp/en/jp/JVN19666251/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN19666251/index.html"
},
{
"name": "https://www.plathome.co.jp/software/vx2-v4-0-0/",
"refsource": "MISC",
"url": "https://www.plathome.co.jp/software/vx2-v4-0-0/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2020-5535",
"datePublished": "2020-03-04T01:35:19",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:30:24.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5536 (GCVE-0-2020-5536)
Vulnerability from cvelistv5 – Published: 2020-03-04 01:35 – Updated: 2024-08-04 08:30
VLAI?
Summary
OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- Authentication bypass
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Plat'Home Co.,Ltd. | OpenBlocks IoT VX2 |
Affected:
prior to Ver.4.0.0 (Ver.3 Series)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:30:24.494Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN19666251/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.plathome.co.jp/software/vx2-v4-0-0/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "OpenBlocks IoT VX2",
"vendor": "Plat\u0027Home Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "prior to Ver.4.0.0 (Ver.3 Series)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-04T01:35:19",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN19666251/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.plathome.co.jp/software/vx2-v4-0-0/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2020-5536",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OpenBlocks IoT VX2",
"version": {
"version_data": [
{
"version_value": "prior to Ver.4.0.0 (Ver.3 Series)"
}
]
}
}
]
},
"vendor_name": "Plat\u0027Home Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jvn.jp/en/jp/JVN19666251/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN19666251/index.html"
},
{
"name": "https://www.plathome.co.jp/software/vx2-v4-0-0/",
"refsource": "MISC",
"url": "https://www.plathome.co.jp/software/vx2-v4-0-0/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2020-5536",
"datePublished": "2020-03-04T01:35:19",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:30:24.494Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}