Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Gs\-4210\-24pl4c_firmware
(Planet)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 12 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-09-30 | CVE-2024-8458 | Certain switch models from PLANET Technology have a web application that is vulnerable to Cross-Site Request Forgery (CSRF). An unauthenticated remote attacker can trick a user into visiting a malicious website, allowing the attacker to impersonate the user and perform actions on their behalf, such as creating accounts. | Gs\-4210\-24p2s_firmware, Gs\-4210\-24pl4c_firmware | 8.8 | ||
| 2024-09-30 | CVE-2024-8459 | Certain switch models from PLANET Technology store SNMPv3 users' passwords in plaintext within the configuration files, allowing remote attackers with administrator privileges to read the file and obtain the credentials. | Gs\-4210\-24p2s_firmware, Gs\-4210\-24pl4c_firmware | 4.9 |