Search
Find a vulnerability
Search criteria
2 vulnerabilities by Plat'Home Co., Ltd.
JVNDB-2026-001001
Vulnerability from jvndb - Published: 2026-01-07 10:46 - Updated:2026-01-07 10:46
Severity
Summary
Authentication bypass vulnerability in OpenBlocks series
Details
OpenBlocks series provided by Plat'Home Co.,Ltd. contains the following vulnerability.
- Authentication bypass (CWE-288) - CVE-2026-21411
References
| Type | URL | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-001001.html",
"dc:date": "2026-01-07T10:46+09:00",
"dcterms:issued": "2026-01-07T10:46+09:00",
"dcterms:modified": "2026-01-07T10:46+09:00",
"description": "OpenBlocks series provided by Plat\u0027Home Co.,Ltd. contains the following vulnerability.\u003cul\u003e\u003cli\u003eAuthentication bypass (CWE-288) - CVE-2026-21411\u003c/li\u003e\u003c/ul\u003eChuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
"link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-001001.html",
"sec:cpe": [
{
"#text": "cpe:/o:plathome:openblocks_idm_rx1_firmware",
"@product": "OpenBlocks IDM RX1",
"@vendor": "Plat\u0027Home Co., Ltd.",
"@version": "2.2"
},
{
"#text": "cpe:/o:plathome:openblocks_iot_dx1_firmware",
"@product": "OpenBlocks IoT DX1",
"@vendor": "Plat\u0027Home Co., Ltd.",
"@version": "2.2"
},
{
"#text": "cpe:/o:plathome:openblocks_iot_ex_bx_firmware",
"@product": "OpenBlocks IoT EX/BX models",
"@vendor": "Plat\u0027Home Co., Ltd.",
"@version": "2.2"
},
{
"#text": "cpe:/o:plathome:openblocks_iot_fx1_firmware",
"@product": "OpenBlocks IoT FX1",
"@vendor": "Plat\u0027Home Co., Ltd.",
"@version": "2.2"
},
{
"#text": "cpe:/o:plathome:openblocks_iot_vx2_firmware",
"@product": "OpenBlocks IoT VX2",
"@vendor": "Plat\u0027Home Co., Ltd.",
"@version": "2.2"
},
{
"#text": "cpe:/o:plathome:openblocks_ix9_with_fw_firmware",
"@product": "OpenBlocks IX9 models with FW",
"@vendor": "Plat\u0027Home Co., Ltd.",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "8.8",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"@version": "3.0"
},
"sec:identifier": "JVNDB-2026-001001",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU97172240/index.html",
"@id": "JVNVU#97172240",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-21411",
"@id": "CVE-2026-21411",
"@source": "CVE"
},
{
"#text": "https://cwe.mitre.org/data/definitions/288.html",
"@id": "CWE-288",
"@title": "Authentication Bypass Using an Alternate Path or Channel(CWE-288)"
}
],
"title": "Authentication bypass vulnerability in OpenBlocks series"
}
JVNDB-2020-000022
Vulnerability from jvndb - Published: 2020-04-08 16:12 - Updated:2020-04-08 16:12
Severity
Summary
Multiple vulnerabilities in EasyBlocks IPv6
Details
EasyBlocks IPv6 provided by Plat'Home Co., Ltd. contains multiple vulnerabilities listed below.
*Cross site request forgery(CWE-352) - CVE-2020-5549
*Session fixation (CWE-384) - CVE-2020-5550
Hideki SAKAMOTO of Tsukuba Secure Network Research reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | |
|---|---|---|
|
|
||
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2020/JVNDB-2020-000022.html",
"dc:date": "2020-04-08T16:12+09:00",
"dcterms:issued": "2020-04-08T16:12+09:00",
"dcterms:modified": "2020-04-08T16:12+09:00",
"description": "EasyBlocks IPv6 provided by Plat\u0027Home Co., Ltd. contains multiple vulnerabilities listed below.\r\n*Cross site request forgery(CWE-352) - CVE-2020-5549\r\n*Session fixation (CWE-384) - CVE-2020-5550\r\n\r\nHideki SAKAMOTO of Tsukuba Secure Network Research reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2020/JVNDB-2020-000022.html",
"sec:cpe": [
{
"#text": "cpe:/o:plathome:easyblocks_ipv6_enterprise_firmware",
"@product": "EasyBlocks IPv6 Enterprise",
"@vendor": "Plat\u0027Home Co., Ltd.",
"@version": "2.2"
},
{
"#text": "cpe:/o:plathome:easyblocks_ipv6_firmware",
"@product": "EasyBlocks IPv6",
"@vendor": "Plat\u0027Home Co., Ltd.",
"@version": "2.2"
}
],
"sec:cvss": [
{
"@score": "4.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"@version": "2.0"
},
{
"@score": "4.2",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2020-000022",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN89224521/index.html",
"@id": "JVN#89224521",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5549",
"@id": "CVE-2020-5549",
"@source": "CVE"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5550",
"@id": "CVE-2020-5550",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2020-5549",
"@id": "CVE-2020-5549",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2020-5550",
"@id": "CVE-2020-5550",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-352",
"@title": "Cross-Site Request Forgery(CWE-352)"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Multiple vulnerabilities in EasyBlocks IPv6"
}