Security Vulnerabilities Security Vulnerabilities

CVE (Common Vulnerabilities or Exposures) are a list of publicly disclosed computer security flaws. We highly advise you to upgrade your appliances to the latest firmware release as soon as you discover a CVE that affects your appliance.

Latest firmware

Below is a list of CVEs that have affected our products and the dates when they were patched, including some other harmful and well known vulnerabilites which don't affect our products.

CACHEBOX

 
      Firmware patch and date of release
Vulnerability Common name Products Affected CACHEBOX EDUGATEBOX CACHEBOXCMC
CVE-2023-4807   CACHEBOX 4.20.2 - 21-Nov-23    
CVE-2023-3817   CACHEBOX 4.20.2 - 21-Nov-23    
CVE-2023-3446   CACHEBOX 4.20.2 - 21-Nov-23    
CVE-2023-24329   CACHEBOX 4.20.2 - 21-Nov-23    
CVE-2023-2650   CACHEBOX 4.20.2 - 21-Nov-23    
CVE-2022-29824   CACHEBOX 4.19.2 - 01-Mar-23    
CVE-2021-4034 PolKit (Policy Kit) Vulnerability Not affected      
CVE-2021-44228 Apache Log4j Remote Code Execution Vulnerability Not affected      
CVE-2021-3711 OpenSSL: SM2 Decryption Buffer Overflow CACHEBOX, CMC 4.18.2 - 31-Aug-21   3.14.1 - 18-Oct-21
CVE-2021-3712   CACHEBOX, CMC 4.18.2 - 31-Aug-21    
CVE-2020-25097   CACHEBOX 4.18.1 - 28-Jun-21    
CVE-2021-28651   CACHEBOX 4.18.1 - 28-Jun-21    
CVE-2021-28662   CACHEBOX 4.18.1 - 28-Jun-21    
CVE-2021-28652   CACHEBOX 4.18.1 - 28-Jun-21    
CVE-2021-31806   CACHEBOX 4.18.1 - 28-Jun-21    
CVE-2021-31807   CACHEBOX 4.18.1 - 28-Jun-21    
CVE-2021-31808   CACHEBOX 4.18.1 - 28-Jun-21    
CVE-2021-22945   EDUGATEBOX   1.5.0 - 05-Nov-21  
CVE-2021-22946   EDUGATEBOX   1.5.0 - 05-Nov-21  
CVE-2021-22947   EDUGATEBOX   1.5.0 - 05-Nov-21  
CVE-2021-41611   EDUGATEBOX   1.5.0 - 05-Nov-21  
CVE-2021-3156 Sudo Baron Samedit vulnerability CACHEBOX, EDUGATEBOX, CMC 4.17.6 - 02-Feb-21 1.4.3 - 28-Jan-21 3.13.1 - 17-Feb-21
CVE-2021-23239   EDUGATEBOX, CMC   1.4.3 - 28-Jan-21 3.13.1 - 17-Feb-21
CVE-2021-23240   EDUGATEBOX, CMC   1.4.3 - 28-Jan-21 3.13.1 - 17-Feb-21
CVE-2020-15811   CACHEBOX, EDUGATEBOX 4.17.2 - 24-Aug-20 1.3.1 - 24-Aug-20  
CVE-2020-24606   CACHEBOX, EDUGATEBOX 4.17.2 - 24-Aug-20 1.3.1 - 24-Aug-20  
CVE-2020-15810   CACHEBOX, EDUGATEBOX 4.17.2 - 24-Aug-20 1.3.1 - 24-Aug-20  
CVE-2020-12662   CACHEBOX 4.16.2 - 29-May-20    
CVE-2020-12663   CACHEBOX 4.16.2 - 29-May-20    
CVE-2019-1551   CACHEBOX, CMC 4.16.0 - 22-Jan-20    
CVE-2020-1971   EDUGATEBOX, CMC   1.4.4 - 31-Mar-21 3.13.1 - 17-Feb-21
CVE-2020-1967   EDUGATEBOX, CMC   1.4.4 - 31-Mar-21 3.13.1 - 17-Feb-21
CVE-2019-11477   CACHEBOX 4.15.1 - 27-Jun-19    
CVE-2019-1559   CACHEBOX 4.14.2 - 11-Mar-19    
CVE-2018-5390   CACHEBOX 4.14.1 - 19-Nov-18    
CVE-2018-10360   CACHEBOX, EDUGATEBOX, CMC 4.14.0 - 23-Aug-18 1.1.0 - 02-Oct-18 3.9.0 - 12-Sep-18
CVE-2018-12020   CACHEBOX 4.14.0 - 23-Aug-18    

DNSBOX

      Firmware patch and date of release
Vulnerability Common name Products Affected DNSBOX200 DNSBOX300 DNSBOX400
CVE-2023-42465   DNSBOX200 2.14.4 - 06-Dec-23    
CVE-2023-42456   DNSBOX200 2.14.4 - 06-Dec-23    
CVE-2023-2828   DNSBOX200 2.14.3 - 18-Sep-23    
CVE-2023-2911   DNSBOX200 2.14.3 - 18-Sep-23    
CVE-2023-24329   DNSBOX200 2.14.3 - 18-Sep-23    
CVE-2023-2655   DNSBOX200 2.14.3 - 18-Sep-23    
CVE-2023-2650   DNSBOX200 2.14.3 - 18-Sep-23    
CVE-2022-48303   DNSBOX200 2.14.2 - 13-Jun-23    
CVE-2022-3094   DNSBOX200 2.14.2 - 13-Jun-23    
CVE-2022-3736   DNSBOX200 2.14.2 - 13-Jun-23    
CVE-2022-3924   DNSBOX200 2.14.2 - 13-Jun-23    
CVE-2022-3094   DNSBOX200 2.14.2 - 13-Jun-23    
CVE-2022-3736   DNSBOX200 2.14.2 - 13-Jun-23    
CVE-2022-3924   DNSBOX200 2.14.2 - 13-Jun-23    
CVE-2022-37434   DNSBOX200 2.14.2 - 13-Jun-23    
CVE-2022-24713   DNSBOX200 2.14.1 - 16-Nov-22    
CVE-2022-37434   DNSBOX200 2.14.1 - 16-Nov-22    
CVE-2022-2097   DNSBOX200 2.14.1 - 16-Nov-22    
CVE-2022-2097   DNSBOX200 2.14.1 - 16-Nov-22    
CVE-2022-30115   DNSBOX200 2.14.1 - 16-Nov-22    
CVE-2022-27782   DNSBOX200 2.14.1 - 16-Nov-22    
CVE-2022-27781   DNSBOX200 2.14.1 - 16-Nov-22    
CVE-2022-27780   DNSBOX200 2.14.1 - 16-Nov-22    
CVE-2022-27779   DNSBOX200 2.14.1 - 16-Nov-22    
CVE-2022-27778   DNSBOX200 2.14.1 - 16-Nov-22    
CVE-2022-1292   DNSBOX200 2.14.1 - 16-Nov-22    
CVE-2022-29824   DNSBOX200 2.14.1 - 16-Nov-22    
CVE-2022-22576   DNSBOX200 2.14.1 - 16-Nov-22    
CVE-2022-27774   DNSBOX200 2.14.1 - 16-Nov-22    
CVE-2022-27775   DNSBOX200 2.14.1 - 16-Nov-22    
CVE-2022-1271   DNSBOX200 2.14.1 - 16-Nov-22    
CVE-2021-25220   DNSBOX200 2.14.1 - 16-Nov-22    
CVE-2022-0396   DNSBOX200 2.14.1 - 16-Nov-22    
CVE-2022-0635   DNSBOX200 2.14.1 - 16-Nov-22    
CVE-2022-0667   DNSBOX200 2.14.1 - 16-Nov-22    
CVE-2022-2097   DNSBOX200 2.14.1 - 16-Nov-22    
CVE-2021-4034 PolKit (Policy Kit) Vulnerability Not affected      
CVE-2021-44228 Apache Log4j Remote Code Execution Vulnerability Not affected      
CVE-2021-3156 Sudo Baron Samedit vulnerability DNSBOX200 2.13.3 - 05-May-21    
CVE-2021-23336   DNSBOX200 2.13.3 -05-May-21    
CVE-2020-1971   DNSBOX200 2.13.3 - 05-May-21    
CVE-2020-1967   DNSBOX200 2.13.3 - 05-May-21    
CVE-2019-1551   DNSBOX200 2.13.3 - 05-May-21    
CVE-2021-3177   DNSBOX200 2.13.3 - 05-May-21    
CVE-2020-8616   DNSBOX200, DNSBOX300, DNSBOX400 2.12.2 - 29-Jul-20 3.11.2 - 09-Jun-20 3.11.2 - 09-Jun-20
CVE-2020-8617   DNSBOX200, DNSBOX300, DNSBOX400 2.12.2 - 29-Jul-20 3.11.2 - 09-Jun-20 3.11.2 - 09-Jun-20
CVE-2020-12662   DNSBOX200 2.12.2 - 29-Jul-20    
CVE-2020-12663   DNSBOX200 2.12.2 - 29-Jul-20    
CVE-2019-6477   DNSBOX200, DNSBOX400 2.12.0 - 04-Dec-19   3.11.0 - 10-Dec-19
CVE-2019-18934   DNSBOX200 2.12.0 - 04-Dec-19    
CVE-2019-6475   DNSBOX200, DNSBOX400 2.12.0 - 04-Dec-19   3.11.0 - 10-Dec-19
CVE-2019-6476   DNSBOX200, DNSBOX400 2.12.0 - 04-Dec-19   3.11.0 - 10-Dec-19
CVE-2019-14287   DNSBOX200, DNSBOX400 2.12.0 - 04-Dec-19   3.11.0 - 10-Dec-19
CVE-2018-5390   DNSBOX200, DNSBOX300, DNSBOX400 2.11.4 - 09-Nov-18 3.10.4 - 12-Mar-19 3.10.4 - 12-Mar-19
CVE-2018-5391   DNSBOX200, DNSBOX300, DNSBOX400 2.11.4 - 09-Nov-18 3.10.4 - 12-Mar-19 3.10.4 - 12-Mar-19
CVE-2018-10360   DNSBOX200, DNSBOX300, DNSBOX400 2.11.4 - 09-Nov-18 3.10.4 - 12-Mar-19 3.10.4 - 12-Mar-19
CVE-2018-12020   DNSBOX200, DNSBOX400 2.11.3b - 13-Jul-18   3.10.3 - 06-Jul-18
CVE-2017-15105   DNSBOX200, DNSBOX400 2.11.1 - 06-Feb-18 3.10.1 - 05-Feb-18 3.10.1 - 05-Feb-18
CVE-2017-3145   DNSBOX200 2.11.0 - 26-Jan-18