Vulnerabilities > Planex
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-26 | CVE-2024-45372 | Cross-Site Request Forgery (CSRF) vulnerability in Planex Mzk-Dp300N Firmware MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. | 6.5 |
| 2024-09-26 | CVE-2024-45836 | Cross-site Scripting vulnerability in Planex products Cross-site scripting vulnerability exists in the web management page of PLANEX COMMUNICATIONS network cameras. | 6.1 |
| 2023-02-14 | CVE-2023-22370 | Cross-site Scripting vulnerability in Planex Cs-Wmv02G Stored cross-site scripting vulnerability in Wired/Wireless LAN Pan/Tilt Network Camera CS-WMV02G all versions allows a network-adjacent authenticated attacker to inject an arbitrary script. | 5.2 |
| 2023-02-14 | CVE-2023-22375 | Cross-Site Request Forgery (CSRF) vulnerability in Planex Cs-Wmv02G Firmware Cross-site request forgery (CSRF) vulnerability in Wired/Wireless LAN Pan/Tilt Network Camera CS-WMV02G all versions allows a remote unauthenticated attacker to hijack the authentication and conduct arbitrary operations by having a logged-in user to view a malicious page. | 8.8 |
| 2023-02-14 | CVE-2023-22376 | Cross-site Scripting vulnerability in Planex Cs-Wmv02G Firmware Reflected cross-site scripting vulnerability in Wired/Wireless LAN Pan/Tilt Network Camera CS-WMV02G all versions allows a remote unauthenticated attacker to inject arbitrary script to inject an arbitrary script. | 6.1 |
| 2022-09-08 | CVE-2022-38399 | Improper Authentication vulnerability in Planex Cs-Qr10 Firmware and Cs-Qr20 Firmware Missing protection mechanism for alternate hardware interface in SmaCam CS-QR10 all versions and SmaCam Night Vision CS-QR20 all versions allows an attacker to execute an arbitrary OS command by having the product connect to the product's specific serial connection | 6.8 |
| 2022-08-22 | CVE-2021-37289 | Incorrect Default Permissions vulnerability in Planex Mzk-Dp150N Firmware 1.42/1.43 Insecure Permissions in administration interface in Planex MZK-DP150N 1.42 and 1.43 allows attackers to execute system command as root via etc_ro/web/syscmd.asp. | 7.2 |
| 2018-08-24 | CVE-2017-12577 | Use of Hard-coded Credentials vulnerability in Planex Cs-Qr20 Firmware and Smacam Night Vision An issue was discovered on the PLANEX CS-QR20 1.30. | 9.8 |
| 2018-08-24 | CVE-2017-12576 | Exposure of Resource to Wrong Sphere vulnerability in Planex Cs-Qr20 Firmware 1.30 An issue was discovered on the PLANEX CS-QR20 1.30. | 7.2 |
| 2018-08-24 | CVE-2017-12574 | Use of Hard-coded Credentials vulnerability in Planex Cs-W50Hd Firmware 030608/030715/030718 An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. | 9.8 |