Security Vulnerabilities Security Vulnerabilities

CVE (Common Vulnerabilities or Exposures) are a list of publicly disclosed computer security flaws. We highly advise you to upgrade your appliances to the latest firmware release as soon as you discover a CVE that affects your appliance.

Latest firmware

Below is a list of CVEs that have affected our products and the dates when they were patched, including some other harmful and well known vulnerabilites which don't affect our products.

CACHEBOX

      Firmware patch and date of release
Vulnerability Common name Products Affected CACHEBOX EDUGATEBOX CACHEBOXCMC
CVE-2021-4034 PolKit (Policy Kit) Vulnerability Not affected      
CVE-2021-44228 Apache Log4j Remote Code Execution Vulnerability Not affected      
CVE-2021-3711 OpenSSL: SM2 Decryption Buffer Overflow CACHEBOX, CMC 4.18.2 - 31-Aug-21   3.14.1 - 18-Oct-21
CVE-2021-3712   CACHEBOX, CMC 4.18.2 - 31-Aug-21    
CVE-2020-25097   CACHEBOX 4.18.1 - 28-Jun-21    
CVE-2021-28651   CACHEBOX 4.18.1 - 28-Jun-21    
CVE-2021-28662   CACHEBOX 4.18.1 - 28-Jun-21    
CVE-2021-28652   CACHEBOX 4.18.1 - 28-Jun-21    
CVE-2021-31806   CACHEBOX 4.18.1 - 28-Jun-21    
CVE-2021-31807   CACHEBOX 4.18.1 - 28-Jun-21    
CVE-2021-31808   CACHEBOX 4.18.1 - 28-Jun-21    
CVE-2021-22945   EDUGATEBOX   1.5.0 - 05-Nov-21  
CVE-2021-22946   EDUGATEBOX   1.5.0 - 05-Nov-21  
CVE-2021-22947   EDUGATEBOX   1.5.0 - 05-Nov-21  
CVE-2021-41611   EDUGATEBOX   1.5.0 - 05-Nov-21  
CVE-2021-3156 Sudo Baron Samedit vulnerability CACHEBOX, EDUGATEBOX, CMC 4.17.6 - 02-Feb-21 1.4.3 - 28-Jan-21 3.13.1 - 17-Feb-21
CVE-2021-23239   EDUGATEBOX, CMC   1.4.3 - 28-Jan-21 3.13.1 - 17-Feb-21
CVE-2021-23240   EDUGATEBOX, CMC   1.4.3 - 28-Jan-21 3.13.1 - 17-Feb-21
CVE-2020-15811   CACHEBOX, EDUGATEBOX 4.17.2 - 24-Aug-20 1.3.1 - 24-Aug-20  
CVE-2020-24606   CACHEBOX, EDUGATEBOX 4.17.2 - 24-Aug-20 1.3.1 - 24-Aug-20  
CVE-2020-15810   CACHEBOX, EDUGATEBOX 4.17.2 - 24-Aug-20 1.3.1 - 24-Aug-20  
CVE-2020-12662   CACHEBOX 4.16.2 - 29-May-20    
CVE-2020-12663   CACHEBOX 4.16.2 - 29-May-20    
CVE-2019-1551   CACHEBOX, CMC 4.16.0 - 22-Jan-20    
CVE-2020-1971   EDUGATEBOX, CMC   1.4.4 - 31-Mar-21 3.13.1 - 17-Feb-21
CVE-2020-1967   EDUGATEBOX, CMC   1.4.4 - 31-Mar-21 3.13.1 - 17-Feb-21
CVE-2019-11477   CACHEBOX 4.15.1 - 27-Jun-19    
CVE-2019-1559   CACHEBOX 4.14.2 - 11-Mar-19    
CVE-2018-5390   CACHEBOX 4.14.1 - 19-Nov-18    
CVE-2018-10360   CACHEBOX, EDUGATEBOX, CMC 4.14.0 - 23-Aug-18 1.1.0 - 02-Oct-18 3.9.0 - 12-Sep-18
CVE-2018-12020   CACHEBOX 4.14.0 - 23-Aug-18    

DNSBOX

      Firmware patch and date of release
Vulnerability Common name Products Affected DNSBOX200 DNSBOX300 DNSBOX400
CVE-2021-4034 PolKit (Policy Kit) Vulnerability Not affected      
CVE-2021-44228 Apache Log4j Remote Code Execution Vulnerability Not affected      
CVE-2021-3156 Sudo Baron Samedit vulnerability DNSBOX200 2.13.3 - 05-May-21    
CVE-2021-23336   DNSBOX200 2.13.3 -05-May-21    
CVE-2020-1971   DNSBOX200 2.13.3 - 05-May-21    
CVE-2020-1967   DNSBOX200 2.13.3 - 05-May-21    
CVE-2019-1551   DNSBOX200 2.13.3 - 05-May-21    
CVE-2021-3177   DNSBOX200 2.13.3 - 05-May-21    
CVE-2020-8616   DNSBOX200, DNSBOX300, DNSBOX400 2.12.2 - 29-Jul-20 3.11.2 - 09-Jun-20 3.11.2 - 09-Jun-20
CVE-2020-8617   DNSBOX200, DNSBOX300, DNSBOX400 2.12.2 - 29-Jul-20 3.11.2 - 09-Jun-20 3.11.2 - 09-Jun-20
CVE-2020-12662   DNSBOX200 2.12.2 - 29-Jul-20    
CVE-2020-12663   DNSBOX200 2.12.2 - 29-Jul-20    
CVE-2019-6477   DNSBOX200, DNSBOX400 2.12.0 - 04-Dec-19   3.11.0 - 10-Dec-19
CVE-2019-18934   DNSBOX200 2.12.0 - 04-Dec-19    
CVE-2019-6475   DNSBOX200, DNSBOX400 2.12.0 - 04-Dec-19   3.11.0 - 10-Dec-19
CVE-2019-6476   DNSBOX200, DNSBOX400 2.12.0 - 04-Dec-19   3.11.0 - 10-Dec-19
CVE-2019-14287   DNSBOX200, DNSBOX400 2.12.0 - 04-Dec-19   3.11.0 - 10-Dec-19
CVE-2018-5390   DNSBOX200, DNSBOX300, DNSBOX400 2.11.4 - 09-Nov-18 3.10.4 - 12-Mar-19 3.10.4 - 12-Mar-19
CVE-2018-5391   DNSBOX200, DNSBOX300, DNSBOX400 2.11.4 - 09-Nov-18 3.10.4 - 12-Mar-19 3.10.4 - 12-Mar-19
CVE-2018-10360   DNSBOX200, DNSBOX300, DNSBOX400 2.11.4 - 09-Nov-18 3.10.4 - 12-Mar-19 3.10.4 - 12-Mar-19
CVE-2018-12020   DNSBOX200, DNSBOX400 2.11.3b - 13-Jul-18   3.10.3 - 06-Jul-18
CVE-2017-15105   DNSBOX200, DNSBOX400 2.11.1 - 06-Feb-18 3.10.1 - 05-Feb-18 3.10.1 - 05-Feb-18
CVE-2017-3145   DNSBOX200 2.11.0 - 26-Jan-18