GCVE - cpe:2.3:a:n/a:cujo:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:cujo:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Cujo (`200a6c58-e229-597e-8d9c-6b1e1658afba`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2018-4031`	vulnerable	2026-06-08 05:11:41.599502	Details available CRITICAL (9) An exploitable vulnerability exists in the safe browsing function of the CUJO Smart Firewall, version 7003. The flaw lies in the way the safe browsing function parses HTTP requests. The server hostname is extracted from captured HTTP/HTTPS requests and inserted as part of a Lua statement without prior sanitization, which results in arbitrary Lua script execution in the kernel. An attacker could send an HTTP request to exploit this vulnerability. Published: 2019-10-31T20:29:02.000Z Updated: 2024-08-05T05:04:28.400Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2018-0703	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-4030`	vulnerable	2026-06-08 05:11:41.599192	Details available MEDIUM (5.3) An exploitable vulnerability exists the safe browsing function of the CUJO Smart Firewall, version 7003. The bug lies in the way the safe browsing function parses HTTP requests. The "Host" header is incorrectly extracted from captured HTTP requests, which would allow an attacker to visit any malicious websites and bypass the firewall. An attacker could send an HTTP request to exploit this vulnerability. Published: 2019-03-21T15:46:08.000Z Updated: 2024-08-05T05:04:28.873Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2018-0702	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-4011`	vulnerable	2026-06-08 05:11:41.577271	Details available MEDIUM (6.5) An exploitable integer underflow vulnerability exists in the mdnscap binary of the CUJO Smart Firewall, version 7003. When parsing SRV records in an mDNS packet, the "RDLENGTH" value is handled incorrectly, leading to an out-of-bounds access that crashes the mdnscap process. An unauthenticated attacker can send an mDNS message to trigger this vulnerability. Published: 2019-03-21T15:42:40.000Z Updated: 2024-08-05T04:57:24.498Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2018-0681	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-4003`	vulnerable	2026-06-08 05:11:41.569239	Details available HIGH (8.3) An exploitable heap overflow vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. The string lengths are handled incorrectly when parsing character strings in mDNS resource records, leading to arbitrary code execution in the context of the mdnscap process. An unauthenticated attacker can send an mDNS message to trigger this vulnerability. Published: 2019-03-21T15:05:44.000Z Updated: 2024-08-05T04:57:24.577Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2018-0672	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-4002`	vulnerable	2026-06-08 05:11:41.566794	Details available MEDIUM (5.3) An exploitable denial-of-service vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. When parsing labels in mDNS packets, the firewall unsafely handles label compression pointers, leading to an uncontrolled recursion that eventually exhausts the stack, crashing the mdnscap process. An unauthenticated attacker can send an mDNS message to trigger this vulnerability. Published: 2019-10-31T20:37:17.000Z Updated: 2024-08-05T04:57:24.634Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2018-0671	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-3985`	vulnerable	2026-06-08 05:11:41.541774	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-3969`	vulnerable	2026-06-08 05:11:41.500902	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-3963`	vulnerable	2026-06-08 05:11:41.491096	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.