CVE-2026-21411

CVSS 8.7 HIGHEPSS 0.3%CWE-288

Authentication bypass issue exists in OpenBlocks series versions prior to FW5.0.8, which may allow an attacker to bypass administrator authentication and change the password.

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Produtos afetados

Plat'Home Co.,Ltd. · OpenBlocks IDM RX1 (FW5.0.x)Plat'Home Co.,Ltd. · OpenBlocks IoT DX1 (FW5.0.x)Plat'Home Co.,Ltd. · OpenBlocks IoT EX/BX models (FW5.0.x)Plat'Home Co.,Ltd. · OpenBlocks IoT FX1 (FW5.0.x)Plat'Home Co.,Ltd. · OpenBlocks IoT VX2 (FW5.0.x)Plat'Home Co.,Ltd. · OpenBlocks IX9 models with FW (FW5.0.x)

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://jvn.jp/en/vu/JVNVU97172240/https://www.plathome.co.jp/support/software/fw5/dx1-v5-0-8/