Plat’Home OpenBlocks IoT VX2 安全漏洞

Plat'home Plat'Home OpenBlocks IoT VX2 is an IoT gateway device from Plat'home Japan. A security vulnerability exists in the Plat'Home OpenBlocks IoT VX2 that stems from an authentication bypass that could allow an attacker to bypass administrator authentication and change the password...

CVE-2020-5536

OpenBlocks IoT VX2 prior to Ver.4.0.0 Ver.3 Series allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors...

CVE-2020-5536

OpenBlocks IoT VX2 prior to Ver.4.0.0 Ver.3 Series allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors...

Design/Logic Flaw

OpenBlocks IoT VX2 prior to Ver.4.0.0 Ver.3 Series allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors...

Authentication flaw

OpenBlocks IoT VX2 prior to Ver.4.0.0 Ver.3 Series allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors...

CVE-2020-5536

OpenBlocks IoT VX2 prior to Ver.4.0.0 Ver.3 Series allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors...

CVE-2020-5535

OpenBlocks IoT VX2 prior to Ver.4.0.0 Ver.3 Series allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors...

CVE-2020-5535

OpenBlocks IoT VX2 is affected by CVE-2020-5535 (OS command injection). The vulnerabilities affect the VX2 prior to Ver.4.0.0 (Ver.3 Series). An attacker connected on the same network segment can execute arbitrary OS commands with root privileges, via unspecified vectors. Affected component is th...

Multiple vulnerabilities in OpenBlocks IoT VX2

Overview OpenBlocks IoT VX2 provided by Plat'Home Co., Ltd. contains multiple vulnerabilities. Masahiro Murashima and Genta Kataoka of IERAE SECURITY INC. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...

JVN#19666251: Multiple vulnerabilities in OpenBlocks IoT VX2

OpenBlocks IoT VX2 provided by Plat'Home Co., Ltd. contains multiple vulnerabilities listed below. OS command injection CWE-78 - CVE-2020-5535 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H| Base Score: 8.8 CVSS v2| AV:A/AC:L/Au:N/C:P/I:P/A:P| Base Score:...