Security Vulnerabilities Security Vulnerabilities

CVE (Common Vulnerabilities or Exposures) are a list of publicly disclosed computer security flaws. We highly advise you to upgrade your appliances to the latest firmware release as soon as you discover a CVE that affects your appliance.

Latest firmware

CACHEBOX

DNSBOX

Below is a list of CVEs that have affected our products and the dates when they were patched, including some other harmful and well known vulnerabilites which don't affect our products.

CACHEBOX

			Firmware patch and date of release
Vulnerability	Common name	Products Affected	CACHEBOX	EDUGATEBOX	CACHEBOXCMC
CVE-2023-4807		CACHEBOX	4.20.2 - 21-Nov-23
CVE-2023-3817		CACHEBOX	4.20.2 - 21-Nov-23
CVE-2023-3446		CACHEBOX	4.20.2 - 21-Nov-23
CVE-2023-24329		CACHEBOX	4.20.2 - 21-Nov-23
CVE-2023-2650		CACHEBOX	4.20.2 - 21-Nov-23
CVE-2022-29824		CACHEBOX	4.19.2 - 01-Mar-23
CVE-2021-4034	PolKit (Policy Kit) Vulnerability	Not affected
CVE-2021-44228	Apache Log4j Remote Code Execution Vulnerability	Not affected
CVE-2021-3711	OpenSSL: SM2 Decryption Buffer Overflow	CACHEBOX, CMC	4.18.2 - 31-Aug-21		3.14.1 - 18-Oct-21
CVE-2021-3712		CACHEBOX, CMC	4.18.2 - 31-Aug-21
CVE-2020-25097		CACHEBOX	4.18.1 - 28-Jun-21
CVE-2021-28651		CACHEBOX	4.18.1 - 28-Jun-21
CVE-2021-28662		CACHEBOX	4.18.1 - 28-Jun-21
CVE-2021-28652		CACHEBOX	4.18.1 - 28-Jun-21
CVE-2021-31806		CACHEBOX	4.18.1 - 28-Jun-21
CVE-2021-31807		CACHEBOX	4.18.1 - 28-Jun-21
CVE-2021-31808		CACHEBOX	4.18.1 - 28-Jun-21
CVE-2021-22945		EDUGATEBOX		1.5.0 - 05-Nov-21
CVE-2021-22946		EDUGATEBOX		1.5.0 - 05-Nov-21
CVE-2021-22947		EDUGATEBOX		1.5.0 - 05-Nov-21
CVE-2021-41611		EDUGATEBOX		1.5.0 - 05-Nov-21
CVE-2021-3156	Sudo Baron Samedit vulnerability	CACHEBOX, EDUGATEBOX, CMC	4.17.6 - 02-Feb-21	1.4.3 - 28-Jan-21	3.13.1 - 17-Feb-21
CVE-2021-23239		EDUGATEBOX, CMC		1.4.3 - 28-Jan-21	3.13.1 - 17-Feb-21
CVE-2021-23240		EDUGATEBOX, CMC		1.4.3 - 28-Jan-21	3.13.1 - 17-Feb-21
CVE-2020-15811		CACHEBOX, EDUGATEBOX	4.17.2 - 24-Aug-20	1.3.1 - 24-Aug-20
CVE-2020-24606		CACHEBOX, EDUGATEBOX	4.17.2 - 24-Aug-20	1.3.1 - 24-Aug-20
CVE-2020-15810		CACHEBOX, EDUGATEBOX	4.17.2 - 24-Aug-20	1.3.1 - 24-Aug-20
CVE-2020-12662		CACHEBOX	4.16.2 - 29-May-20
CVE-2020-12663		CACHEBOX	4.16.2 - 29-May-20
CVE-2019-1551		CACHEBOX, CMC	4.16.0 - 22-Jan-20
CVE-2020-1971		EDUGATEBOX, CMC		1.4.4 - 31-Mar-21	3.13.1 - 17-Feb-21
CVE-2020-1967		EDUGATEBOX, CMC		1.4.4 - 31-Mar-21	3.13.1 - 17-Feb-21
CVE-2019-11477		CACHEBOX	4.15.1 - 27-Jun-19
CVE-2019-1559		CACHEBOX	4.14.2 - 11-Mar-19
CVE-2018-5390		CACHEBOX	4.14.1 - 19-Nov-18
CVE-2018-10360		CACHEBOX, EDUGATEBOX, CMC	4.14.0 - 23-Aug-18	1.1.0 - 02-Oct-18	3.9.0 - 12-Sep-18
CVE-2018-12020		CACHEBOX	4.14.0 - 23-Aug-18

DNSBOX

			Firmware patch and date of release
Vulnerability	Common name	Products Affected	DNSBOX200	DNSBOX300	DNSBOX400
CVE-2023-42465		DNSBOX200	2.14.4 - 06-Dec-23
CVE-2023-42456		DNSBOX200	2.14.4 - 06-Dec-23
CVE-2023-2828		DNSBOX200	2.14.3 - 18-Sep-23
CVE-2023-2911		DNSBOX200	2.14.3 - 18-Sep-23
CVE-2023-24329		DNSBOX200	2.14.3 - 18-Sep-23
CVE-2023-2655		DNSBOX200	2.14.3 - 18-Sep-23
CVE-2023-2650		DNSBOX200	2.14.3 - 18-Sep-23
CVE-2022-48303		DNSBOX200	2.14.2 - 13-Jun-23
CVE-2022-3094		DNSBOX200	2.14.2 - 13-Jun-23
CVE-2022-3736		DNSBOX200	2.14.2 - 13-Jun-23
CVE-2022-3924		DNSBOX200	2.14.2 - 13-Jun-23
CVE-2022-3094		DNSBOX200	2.14.2 - 13-Jun-23
CVE-2022-3736		DNSBOX200	2.14.2 - 13-Jun-23
CVE-2022-3924		DNSBOX200	2.14.2 - 13-Jun-23
CVE-2022-37434		DNSBOX200	2.14.2 - 13-Jun-23
CVE-2022-24713		DNSBOX200	2.14.1 - 16-Nov-22
CVE-2022-37434		DNSBOX200	2.14.1 - 16-Nov-22
CVE-2022-2097		DNSBOX200	2.14.1 - 16-Nov-22
CVE-2022-2097		DNSBOX200	2.14.1 - 16-Nov-22
CVE-2022-30115		DNSBOX200	2.14.1 - 16-Nov-22
CVE-2022-27782		DNSBOX200	2.14.1 - 16-Nov-22
CVE-2022-27781		DNSBOX200	2.14.1 - 16-Nov-22
CVE-2022-27780		DNSBOX200	2.14.1 - 16-Nov-22
CVE-2022-27779		DNSBOX200	2.14.1 - 16-Nov-22
CVE-2022-27778		DNSBOX200	2.14.1 - 16-Nov-22
CVE-2022-1292		DNSBOX200	2.14.1 - 16-Nov-22
CVE-2022-29824		DNSBOX200	2.14.1 - 16-Nov-22
CVE-2022-22576		DNSBOX200	2.14.1 - 16-Nov-22
CVE-2022-27774		DNSBOX200	2.14.1 - 16-Nov-22
CVE-2022-27775		DNSBOX200	2.14.1 - 16-Nov-22
CVE-2022-1271		DNSBOX200	2.14.1 - 16-Nov-22
CVE-2021-25220		DNSBOX200	2.14.1 - 16-Nov-22
CVE-2022-0396		DNSBOX200	2.14.1 - 16-Nov-22
CVE-2022-0635		DNSBOX200	2.14.1 - 16-Nov-22
CVE-2022-0667		DNSBOX200	2.14.1 - 16-Nov-22
CVE-2022-2097		DNSBOX200	2.14.1 - 16-Nov-22
CVE-2021-4034	PolKit (Policy Kit) Vulnerability	Not affected
CVE-2021-44228	Apache Log4j Remote Code Execution Vulnerability	Not affected
CVE-2021-3156	Sudo Baron Samedit vulnerability	DNSBOX200	2.13.3 - 05-May-21
CVE-2021-23336		DNSBOX200	2.13.3 -05-May-21
CVE-2020-1971		DNSBOX200	2.13.3 - 05-May-21
CVE-2020-1967		DNSBOX200	2.13.3 - 05-May-21
CVE-2019-1551		DNSBOX200	2.13.3 - 05-May-21
CVE-2021-3177		DNSBOX200	2.13.3 - 05-May-21
CVE-2020-8616		DNSBOX200, DNSBOX300, DNSBOX400	2.12.2 - 29-Jul-20	3.11.2 - 09-Jun-20	3.11.2 - 09-Jun-20
CVE-2020-8617		DNSBOX200, DNSBOX300, DNSBOX400	2.12.2 - 29-Jul-20	3.11.2 - 09-Jun-20	3.11.2 - 09-Jun-20
CVE-2020-12662		DNSBOX200	2.12.2 - 29-Jul-20
CVE-2020-12663		DNSBOX200	2.12.2 - 29-Jul-20
CVE-2019-6477		DNSBOX200, DNSBOX400	2.12.0 - 04-Dec-19		3.11.0 - 10-Dec-19
CVE-2019-18934		DNSBOX200	2.12.0 - 04-Dec-19
CVE-2019-6475		DNSBOX200, DNSBOX400	2.12.0 - 04-Dec-19		3.11.0 - 10-Dec-19
CVE-2019-6476		DNSBOX200, DNSBOX400	2.12.0 - 04-Dec-19		3.11.0 - 10-Dec-19
CVE-2019-14287		DNSBOX200, DNSBOX400	2.12.0 - 04-Dec-19		3.11.0 - 10-Dec-19
CVE-2018-5390		DNSBOX200, DNSBOX300, DNSBOX400	2.11.4 - 09-Nov-18	3.10.4 - 12-Mar-19	3.10.4 - 12-Mar-19
CVE-2018-5391		DNSBOX200, DNSBOX300, DNSBOX400	2.11.4 - 09-Nov-18	3.10.4 - 12-Mar-19	3.10.4 - 12-Mar-19
CVE-2018-10360		DNSBOX200, DNSBOX300, DNSBOX400	2.11.4 - 09-Nov-18	3.10.4 - 12-Mar-19	3.10.4 - 12-Mar-19
CVE-2018-12020		DNSBOX200, DNSBOX400	2.11.3b - 13-Jul-18		3.10.3 - 06-Jul-18
CVE-2017-15105		DNSBOX200, DNSBOX400	2.11.1 - 06-Feb-18	3.10.1 - 05-Feb-18	3.10.1 - 05-Feb-18
CVE-2017-3145		DNSBOX200	2.11.0 - 26-Jan-18