GCVE - cpe:2.3:a:carrier:lenels2_netbox:0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:carrier:lenels2_netbox:0:*:*:*:*:*:*:*

part: a version: 0 update: *

Vendor	Carrier (`4f192991-d852-5560-a7e4-614ce7fd9279`)
Product	Lenels2 Netbox (`b5d6bd45-90d3-523f-8720-77577b285bb5`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-2422`	vulnerable	2026-06-03 14:55:29.199655	LenelS2 NetBox Improper Neutralization of Argumented Delimiters LenelS2 NetBox access control and event monitoring system was discovered to contain an authenticated RCE in versions prior to and including 5.6.1, which allows an attacker to execute malicious commands. Published: 2024-05-30T17:26:12.543Z Updated: 2024-08-01T19:11:53.469Z Open on db.gcve.eu Reference links https://www.corporate.carrier.com/Images/CARR-PSA-2024-01-NetBox_tcm558-227956.pdf https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-01	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-2421`	vulnerable	2026-06-03 14:55:29.199199	LenelS2 NetBox Improper Neutralization of Special Elements LenelS2 NetBox access control and event monitoring system was discovered to contain an unauthenticated RCE in versions prior to and including 5.6.1, which allows an attacker to execute malicious commands with elevated permissions. Published: 2024-05-30T17:24:33.231Z Updated: 2024-08-01T19:11:53.525Z Open on db.gcve.eu Reference links https://www.corporate.carrier.com/Images/CARR-PSA-2024-01-NetBox_tcm558-227956.pdf https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-01	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-2420`	vulnerable	2026-06-03 14:55:29.195632	LenelS2 NetBox Hardcoded Credentials LenelS2 NetBox access control and event monitoring system was discovered to contain Hardcoded Credentials in versions prior to and including 5.6.1 which allows an attacker to bypass authentication requirements. Published: 2024-05-30T17:22:06.344Z Updated: 2024-08-01T19:11:53.496Z Open on db.gcve.eu Reference links https://www.corporate.carrier.com/Images/CARR-PSA-2024-01-NetBox_tcm558-227956.pdf https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-01	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.