Planet Gs-4210-24pl4c

12 CVEs affecting Planet Gs-4210-24pl4c. Latest disclosed: 2024-09-30. Critical: 1, High: 7.

Top CVEs affecting Planet Gs-4210-24pl4c
CVESeverityScorePublishedSummary
CVE-2024-8456Critical9.82024-09-30Certain switch models from PLANET Technology lack proper access control in firmware upload and download functionality, allowing unauthenticated remote attacker…
CVE-2024-8458High8.82024-09-30Certain switch models from PLANET Technology have a web application that is vulnerable to Cross-Site Request Forgery (CSRF). An unauthenticated remote attacker…
CVE-2024-8448High8.82024-09-30Certain switch models from PLANET Technology have a hard-coded credential in the specific command-line interface, allowing remote attackers with regular privil…
CVE-2024-8450High8.62024-09-30Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1 service, allowing unauthorized remote attackers to use this commu…
CVE-2024-8455High8.12024-09-30The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain switch models, the authentication tokens used during communicat…
CVE-2024-8452High7.52024-09-30Certain switch models from PLANET Technology only support obsolete algorithms for authentication protocol and encryption protocol in the SNMPv3 service, allowi…
CVE-2024-8451High7.52024-09-30Certain switch models from PLANET Technology have an SSH service that improperly handles insufficiently authenticated connection requests, allowing unauthorize…
CVE-2024-8459High7.22024-09-30Certain switch models from PLANET Technology store SNMPv3 users' passwords in plaintext within the configuration files, allowing remote attackers with administ…
CVE-2024-8449Medium6.82024-09-30Certain switch models from PLANET Technology have a Hard-coded Credential in the password recovering functionality, allowing an unauthenticated attacker to con…
CVE-2024-8454Medium5.32024-09-30The swctrl service is used to detect and remotely manage PLANET Technology devices. Certain switch models have a Denial-of-Service vulnerability in the swctrl…
CVE-2024-8453Medium4.92024-09-30Certain switch models from PLANET Technology use an insecure hashing function to hash user passwords without being salted. Remote attackers with administrator…
CVE-2024-8457Medium4.82024-09-30Certain switch models from PLANET Technology have a web application that does not properly validate specific parameters, allowing remote authenticated users wi…