VYPR
Vendor

Clavister

Products
5
CVEs
7
Across products
9
Status
Private

Products

5

Recent CVEs

7
  • CVE-2018-8753MedAug 15, 2018
    risk 0.38cvss 5.9epss 0.02

    The IKEv1 implementation in Clavister cOS Core before 11.00.11, 11.20.xx before 11.20.06, and 12.00.xx before 12.00.09 allows remote attackers to decrypt RSA-encrypted nonces by leveraging a Bleichenbacher attack.

  • CVE-2024-3142MedApr 2, 2024
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was found in Clavister E10 and E80 up to 14.00.10 and classified as problematic. This issue affects some unknown processing of the component Setting Handler. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit…

  • CVE-2024-3141LowApr 1, 2024
    risk 0.16cvss 2.4epss 0.00

    A vulnerability has been found in Clavister E10 and E80 up to 14.00.10 and classified as problematic. This vulnerability affects unknown code of the file /?Page=Node&OBJ=/System/AdvancedSettings/DeviceSettings/MiscSettings of the component Misc Settings Page. The manipulation of…

  • CVE-2007-3804Jul 16, 2007
    risk 0.00cvss epss 0.02

    The AntiVirus engine in the HTTP-ALG in Clavister CorePlus before 8.81.00 and 8.80.03 might allow remote attackers to bypass scanning via small files.

  • CVE-2007-3803Jul 16, 2007
    risk 0.00cvss epss 0.02

    The SMTP ALG in Clavister CorePlus before 8.80.04, and 8.81.00, does not properly parse SMTP commands in certain circumstances, which allows remote attackers to bypass address blacklists.

  • CVE-2007-3805Jul 16, 2007
    risk 0.00cvss epss 0.01

    The IKE implementation in Clavister CorePlus before 8.80.03, and 8.80.00, does not properly validate certificates during IKE negotiation, which allows remote attackers to cause a denial of service (gateway stop) via certain certificates.

  • CVE-2005-3915Nov 30, 2005
    risk 0.00cvss epss 0.03

    The Internet Key Exchange version 1 (IKEv1) implementation in Clavister Client Web allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack…