25 matches found
Snap One Wattbox 信任管理问题漏洞
The Snap One Wattbox is a series of power solutions developed by Snap One Corporation. The Snap One WattBox 800 and 820, versions prior to 2.10.0.0, had a trust management vulnerability. This vulnerability stemmed from the inclusion of undisclosed diagnostic HTTP endpoints, which could allow...
EUVD-2023-28084
Malicious code in bioql PyPI...
EUVD-2023-26552
Malicious code in bioql PyPI...
EUVD-2023-26478
Malicious code in bioql PyPI...
EUVD-2023-27682
Malicious code in bioql PyPI...
CVE-2023-24020
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior could bypass the brute force protection, allowing multiple attempts to force a login...
CVE-2023-22389
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior store passwords in a plaintext file when the device configuration is exported via Save/Restore–Backup Settings, which could be read by any user accessing the file...
CVE-2023-22315
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior use a proprietary local area network LAN protocol that does not verify updates to the device. An attacker could upload a malformed update file to the device and execute arbitrary code...
CVE-2023-22389
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior store passwords in a plaintext file when the device configuration is exported via Save/Restore–Backup Settings, which could be read by any user accessing the file...
CVE-2023-22315
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior use a proprietary local area network LAN protocol that does not verify updates to the device. An attacker could upload a malformed update file to the device and execute arbitrary code...
CVE-2023-24020
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior could bypass the brute force protection, allowing multiple attempts to force a login...
Design/Logic Flaw
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior could bypass the brute force protection, allowing multiple attempts to force a login...
Code injection
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior use a proprietary local area network LAN protocol that does not verify updates to the device. An attacker could upload a malformed update file to the device and execute arbitrary code...
CVE-2023-23582
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior are vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code or crash the device remotely...
CVE-2023-23582
Summary of CVE-2023-23582 (Snap One Wattbox WB-300-IP-3) : A heap-based buffer overflow affects Snap One Wattbox WB-300-IP-3, versions WB10.9a17 and prior. The vulnerability could allow an attacker to execute arbitrary code or crash the device remotely. Mitigation provided in the connected adviso...
CVE-2023-22389
CVE-2023-22389 affects Snap One Wattbox WB-300-IP-3 (versions WB10.9a17 and prior). The vulnerability is plaintext storage of passwords when the device configuration is exported via Save/Restore–>Backup Settings, allowing any user with access to the exported file to read passwords. Other conne...
CVE-2023-22389
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior store passwords in a plaintext file when the device configuration is exported via Save/Restore–Backup Settings, which could be read by any user accessing the file...
CVE-2023-22389
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior store passwords in a plaintext file when the device configuration is exported via Save/Restore–Backup Settings, which could be read by any user accessing the file...
CVE-2023-22315
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior use a proprietary local area network LAN protocol that does not verify updates to the device. An attacker could upload a malformed update file to the device and execute arbitrary code...
CVE-2023-22315
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior use a proprietary local area network LAN protocol that does not verify updates to the device. An attacker could upload a malformed update file to the device and execute arbitrary code...