CVE-2026-21411 | Plat'Home OpenBlocks IoT FX1 up to 5.0.8 authentication bypass

A vulnerability classified as critical has been found in Plat’Home OpenBlocks IoT DX1, OpenBlocks IoT EX, BX models, OpenBlocks IX9 models with FW, OpenBlocks IoT VX2, OpenBlocks IDM RX1 and OpenBlocks IoT FX1 up to 5.0.8. Affected by this issue is some unknown functionality. Performing a manipulation results in authentication bypass using alternate channel.

This vulnerability is identified as CVE-2026-21411. The attack can only be performed from the local network. There is not any exploit available.

CVE-2026-21411 | Plat’Home OpenBlocks IoT FX1 up to 5.0.8 authentication bypass

Post correlati

CVE-2024-37661 | TP-LINK TL-7DR5130 1.0.23 ICMP Redirect Message Remote Code Execution

CVE-2024-40456 | ThinkSAAS 3.7.0 update.php name sql injection

CVE-2025-49462 | Zoom Workplace/Rooms/Rooms Controller/Meeting SDK up to 6.4.4 cross site scripting

CVE-2025-56236 | FormCms 0.5.5 Avatar Upload cross site scripting (Issue 27)