1. Home
  2. Support
  3. Security Advisories
  4. PLANET Technology Security Advisory - Vulnerability Notification for WGS-804HPT
PLANET Technology Security Advisory - Vulnerability Notification for WGS-804HPT
CVE
CVE-1999-0067 , CVE-2001-1246 , CVE-2002-0061 , CVE-2002-1898 , CVE-2003-0041 , CVE-2004-0816 , CVE-2004-1002 , CVE-2005-0199 , CVE-2005-1891 , CVE-2007-3572 , CVE-2008-2575 , CVE-2008-4304 , CVE-2008-4796 , CVE-2012-1988 , CVE-2020-10221 , CVE-2020-10987 , CVE-2020-9054 , CVE-2021-35395
Summary
PLANET Technology has released firmware updates to address multiple security vulnerabilities affecting the WGS-804HPT. These vulnerabilities, if unpatched, may lead to unauthorized access, denial-of-service, and potential exposure of sensitive information. Users are strongly advised to update their devices to enhance security and functionality.
What Are the Risks Associated with This Vulnerability?

The identified vulnerabilities impact WGS-804HPT firmware, posing the following potential risks:

Unauthorized Command Execution and Privilege Escalation: Exploiting CWE-78 through OS Command Injection allows an attacker to execute arbitrary commands. 

Related CVE IDs: CVE-2020-10987, CVE-2020-10221, CVE-2020-9054, CVE-1999-0067, CVE-2001-1246, CVE-2002-0061, CVE-2003-0041, CVE-2008-2575, CVE-2002-1898, CVE-2008-4304, CVE-2008-4796, CVE-2007-3572, CVE-2012-1988.

Integer Underflow Vulnerabilities: Instances of CWE-191 can lead to unexpected integer wraparounds, affecting stability and security. 

Related CVE IDs: CVE-2004-0816, CVE-2004-1002, CVE-2005-0199, and CVE-2005-1891.

Buffer Overflow Attacks: The CWE-121 vulnerability presents risks of stack-based buffer overflows, which may result in a system crash or allow unauthorized code execution. 

Related CVE ID: CVE-2021-35395.

Given these risks, it is essential to apply the available firmware updates as soon as possible to safeguard your network and prevent exploitation.

Which Versions Are Affected and What Should You Do?
After a comprehensive investigation, we have identified the impacted product versions and released updated firmware to mitigate this vulnerability. The affected products and available patches are listed in the table below:
Product Series Affected Version Patch Availability
WGS-804HPT hardware 1.0 Update to 1.305b241111
How to Get Assistance
If you have any questions or require assistance, please contact PLANET's technical support team or reach out to your PLANET distributor. We are here to provide additional guidance and support.
Acknowledgment
We would like to express our appreciation to Agenzia per la Cybersicurezza Nazionale (ACN) for reporting this issue.
Revision History
[2024-11-14]: Initial Version
Sustainability
Awards
Contact Us
News Subscription
PLANET eTV
News
Events
繁體中文
Corporate APP
Copyright © PLANET Technology Corporation.
All rights reserved.
|
Privacy Statement
|
Sitemap
Contact Us