Gs 4210 24Pl4C Hardware 2.0
Approved changes feed: RSS · Atom
cpe:2.3:a:planet_technology_corp:gs-4210-24pl4c_hardware_2.0:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Planet Technology Corp (a1b1b0af-a612-5691-906b-39199e6b3b70) |
|---|---|
| Product | Gs 4210 24Pl4C Hardware 2.0 (426b8512-ecdc-5b54-84d4-83cbfd18d8d2) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-8459 |
under_investigation | 2026-06-08 07:00:24.695749 |
PLANET Technology switch devices - Cleartext storage of SNMPv3 users' passwords
HIGH (7.2)
Certain switch models from PLANET Technology store SNMPv3 users' passwords in plaintext within the configuration files, allowing remote attackers with administrator privileges to read the file and obtain the credentials.
Published: 2024-09-30T07:59:27.614Z
Updated: 2024-09-30T16:13:57.982Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-8458 |
vulnerable | 2026-06-08 07:00:24.694895 |
PLANET Technology switch devices - Cross-site Request Forgery
HIGH (8.8)
Certain switch models from PLANET Technology have a web application that is vulnerable to Cross-Site Request Forgery (CSRF). An unauthenticated remote attacker can trick a user into visiting a malicious website, allowing the attacker to impersonate the user and perform actions on their behalf, such as creating accounts.
Published: 2024-09-30T07:45:34.664Z
Updated: 2024-09-30T16:47:20.988Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-8456 |
vulnerable | 2026-06-08 07:00:24.693167 |
PLANET Technology switch devices - Missing Authentication for multiple HTTP routes
CRITICAL (9.8)
Certain switch models from PLANET Technology lack proper access control in firmware upload and download functionality, allowing unauthenticated remote attackers to download and upload firmware and system configurations, ultimately gaining full control of the devices.
Published: 2024-09-30T07:35:04.179Z
Updated: 2024-09-30T16:51:08.872Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-8455 |
vulnerable | 2026-06-08 07:00:24.689064 |
PLANET Technology switch devices - Swctrl service exchanges weakly encoded passwords
HIGH (8.1)
The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain switch models, the authentication tokens used during communication with this service are encoded user passwords. Due to insufficient strength, unauthorized remote attackers who intercept the packets can directly crack them to obtain plaintext passwords.
Published: 2024-09-30T07:24:49.379Z
Updated: 2024-09-30T16:54:36.168Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-8454 |
vulnerable | 2026-06-08 07:00:24.681305 |
PLANET Technology switch devices - Swctrl service DoS attack
MEDIUM (5.3)
The swctrl service is used to detect and remotely manage PLANET Technology devices. Certain switch models have a Denial-of-Service vulnerability in the swctrl service, allowing unauthenticated remote attackers to send crafted packets that can crash the service.
Published: 2024-09-30T07:18:30.271Z
Updated: 2024-09-30T16:59:40.972Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-8449 |
vulnerable | 2026-06-08 07:00:24.676837 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-8448 |
vulnerable | 2026-06-08 07:00:24.668860 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.