Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for openblocks_iot_vx2_firmware by plathome

    CVE-2020-5536 (GCVE-0-2020-5536)

    Vulnerability from nvd – Published: 2020-03-04 01:35 – Updated: 2024-08-04 08:30
    VLAI
    Summary
    OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • Authentication bypass
    Assigner
    References
    Impacted products
    Vendor Product Version
    Plat'Home Co.,Ltd. OpenBlocks IoT VX2 Affected: prior to Ver.4.0.0 (Ver.3 Series)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T08:30:24.494Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN19666251/index.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.plathome.co.jp/software/vx2-v4-0-0/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OpenBlocks IoT VX2",
              "vendor": "Plat\u0027Home Co.,Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "prior to Ver.4.0.0 (Ver.3 Series)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Authentication bypass",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-04T01:35:19.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://jvn.jp/en/jp/JVN19666251/index.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.plathome.co.jp/software/vx2-v4-0-0/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2020-5536",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "OpenBlocks IoT VX2",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "prior to Ver.4.0.0 (Ver.3 Series)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Plat\u0027Home Co.,Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Authentication bypass"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://jvn.jp/en/jp/JVN19666251/index.html",
                  "refsource": "MISC",
                  "url": "https://jvn.jp/en/jp/JVN19666251/index.html"
                },
                {
                  "name": "https://www.plathome.co.jp/software/vx2-v4-0-0/",
                  "refsource": "MISC",
                  "url": "https://www.plathome.co.jp/software/vx2-v4-0-0/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2020-5536",
        "datePublished": "2020-03-04T01:35:19.000Z",
        "dateReserved": "2020-01-06T00:00:00.000Z",
        "dateUpdated": "2024-08-04T08:30:24.494Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-5535 (GCVE-0-2020-5535)

    Vulnerability from nvd – Published: 2020-03-04 01:35 – Updated: 2024-08-04 08:30
    VLAI
    Summary
    OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • OS Command Injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Plat'Home Co.,Ltd. OpenBlocks IoT VX2 Affected: prior to Ver.4.0.0 (Ver.3 Series)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T08:30:24.607Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN19666251/index.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.plathome.co.jp/software/vx2-v4-0-0/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OpenBlocks IoT VX2",
              "vendor": "Plat\u0027Home Co.,Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "prior to Ver.4.0.0 (Ver.3 Series)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "OS Command Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-04T01:35:19.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://jvn.jp/en/jp/JVN19666251/index.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.plathome.co.jp/software/vx2-v4-0-0/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2020-5535",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "OpenBlocks IoT VX2",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "prior to Ver.4.0.0 (Ver.3 Series)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Plat\u0027Home Co.,Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "OS Command Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://jvn.jp/en/jp/JVN19666251/index.html",
                  "refsource": "MISC",
                  "url": "https://jvn.jp/en/jp/JVN19666251/index.html"
                },
                {
                  "name": "https://www.plathome.co.jp/software/vx2-v4-0-0/",
                  "refsource": "MISC",
                  "url": "https://www.plathome.co.jp/software/vx2-v4-0-0/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2020-5535",
        "datePublished": "2020-03-04T01:35:19.000Z",
        "dateReserved": "2020-01-06T00:00:00.000Z",
        "dateUpdated": "2024-08-04T08:30:24.607Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-5536 (GCVE-0-2020-5536)

    Vulnerability from cvelistv5 – Published: 2020-03-04 01:35 – Updated: 2024-08-04 08:30
    VLAI
    Summary
    OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • Authentication bypass
    Assigner
    References
    Impacted products
    Vendor Product Version
    Plat'Home Co.,Ltd. OpenBlocks IoT VX2 Affected: prior to Ver.4.0.0 (Ver.3 Series)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T08:30:24.494Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN19666251/index.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.plathome.co.jp/software/vx2-v4-0-0/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OpenBlocks IoT VX2",
              "vendor": "Plat\u0027Home Co.,Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "prior to Ver.4.0.0 (Ver.3 Series)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Authentication bypass",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-04T01:35:19.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://jvn.jp/en/jp/JVN19666251/index.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.plathome.co.jp/software/vx2-v4-0-0/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2020-5536",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "OpenBlocks IoT VX2",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "prior to Ver.4.0.0 (Ver.3 Series)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Plat\u0027Home Co.,Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Authentication bypass"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://jvn.jp/en/jp/JVN19666251/index.html",
                  "refsource": "MISC",
                  "url": "https://jvn.jp/en/jp/JVN19666251/index.html"
                },
                {
                  "name": "https://www.plathome.co.jp/software/vx2-v4-0-0/",
                  "refsource": "MISC",
                  "url": "https://www.plathome.co.jp/software/vx2-v4-0-0/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2020-5536",
        "datePublished": "2020-03-04T01:35:19.000Z",
        "dateReserved": "2020-01-06T00:00:00.000Z",
        "dateUpdated": "2024-08-04T08:30:24.494Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-5535 (GCVE-0-2020-5535)

    Vulnerability from cvelistv5 – Published: 2020-03-04 01:35 – Updated: 2024-08-04 08:30
    VLAI
    Summary
    OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • OS Command Injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Plat'Home Co.,Ltd. OpenBlocks IoT VX2 Affected: prior to Ver.4.0.0 (Ver.3 Series)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T08:30:24.607Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN19666251/index.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.plathome.co.jp/software/vx2-v4-0-0/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OpenBlocks IoT VX2",
              "vendor": "Plat\u0027Home Co.,Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "prior to Ver.4.0.0 (Ver.3 Series)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "OS Command Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-04T01:35:19.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://jvn.jp/en/jp/JVN19666251/index.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.plathome.co.jp/software/vx2-v4-0-0/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2020-5535",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "OpenBlocks IoT VX2",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "prior to Ver.4.0.0 (Ver.3 Series)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Plat\u0027Home Co.,Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "OS Command Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://jvn.jp/en/jp/JVN19666251/index.html",
                  "refsource": "MISC",
                  "url": "https://jvn.jp/en/jp/JVN19666251/index.html"
                },
                {
                  "name": "https://www.plathome.co.jp/software/vx2-v4-0-0/",
                  "refsource": "MISC",
                  "url": "https://www.plathome.co.jp/software/vx2-v4-0-0/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2020-5535",
        "datePublished": "2020-03-04T01:35:19.000Z",
        "dateReserved": "2020-01-06T00:00:00.000Z",
        "dateUpdated": "2024-08-04T08:30:24.607Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }