Browse all 7 CVE security advisories affecting Cybonet. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Cybonet develops remote administration and monitoring tools for IT infrastructure management. Historically, their products have been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, with seven CVEs documented to date. The software's broad system access permissions have made it attractive to threat actors, particularly in ransomware campaigns where compromised instances have been used as initial access vectors. Security researchers have noted that some vulnerabilities stemmed from insufficient input validation and insecure default configurations, highlighting ongoing challenges in secure development practices for system administration utilities.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-41695 | Cybonet - CWE-22: Improper Limitation of a Pathname to a Restricted Directory — PineApp Mail RelayCWE-22 | 7.5 | High | 2024-07-30 |
| CVE-2024-41694 | Cybonet – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor — PineApp Mail RelayCWE-200 | 5.3 | Medium | 2024-07-30 |
| CVE-2023-31183 | Cybonet PineApp Mail Secure RXSS vulnerability — PineAppCWE-79 | 6.1 | Medium | 2023-05-08 |
| CVE-2022-22793 | Cybonet - PineApp Mail Relay Local File Inclusion — Pineapp Mail Relay | 6.1 | Medium | 2022-02-24 |
| CVE-2022-22794 | Cybonet - PineApp Mail Relay Unauthenticated Sql Injection — Pineapp Mail Relay | 6.8 | Medium | 2022-02-24 |
| CVE-2021-36719 | Cybonet - PineApp — PineApp - Mail Secure | 8.8 | - | 2021-12-08 |
| CVE-2021-36720 | Cybonet - PineApp — PineApp - Mail Secure | 6.1 | - | 2021-12-08 |
This page lists every published CVE security advisory associated with Cybonet. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.