Common Vulnerabilities and Exposures, Container Security, Security

Multiple vulnerabilities in EasyBlocks IPv6

April 8, 2020

Overview :

Cross-site request forgery (CSRF) vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier and Enterprise Ver. 2.0.1 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

CVE-2020-5549

EasyBlocks IPv6 Enterprise Software Release Information ｜ Version 2.0.2

[Vulnerability] Supported
[Bug] Fixed update stop when changing Config file.

Known issues

Operation becomes unstable with redundancy in Act-Act configuration. Since we plan to integrate this into an Act-Stb configuration, we recommend using an Act-Stb configuration for redundancy.

Notes

This update is based on ver.2.0.1. Therefore, please update to Ver.2.0.1 in advance.

References

MISC:https://jvn.jp/en/jp/JVN89224521/index.html MISC:https://www.plathome.co.jp/software/ipv6-enterprise-v2-0-2/ MISC:https://www.plathome.co.jp/software/ipv6-v2-0-2/

Cross-site request forgery (CSRF) vulnerability CVE-2020-5549 EasyBlocks IPv6 EasyBlocks IPv6 Ver. 2.0.1