7 matches found
CVE-2023-40710
An adversary could cause a continuous restart loop to the entire device by sending a large quantity of HTTP GET requests if the controller has the built-in web server enabled but does not have the built-in web server completely set up and configured for the SNAP PAC S1 Firmware version R10.3b...
CVE-2023-40706
There is no limit on the number of login attempts in the web server for the SNAP PAC S1 Firmware version R10.3b. This could allow for a brute-force attack on the built-in web server login...
CVE-2023-40710
An adversary could cause a continuous restart loop to the entire device by sending a large quantity of HTTP GET requests if the controller has the built-in web server enabled but does not have the built-in web server completely set up and configured for the SNAP PAC S1 Firmware version R10.3b...
CVE-2023-40709 Uncontrolled Resource Consumption in OPTO 22 SNAP PAC S1 Built-In Web Server
An adversary could crash the entire device by sending a large quantity of ICMP requests if the controller has the built-in web server enabled but does not have the built-in web server completely set up and configured for the SNAP PAC S1 Firmware version R10.3b...
CVE-2023-40707 Weak password requirements in OPTO 22 SNAP PAC S1 Built-in Web Server
There are no requirements for setting a complex password in the built-in web server of the SNAP PAC S1 Firmware version R10.3b, which could allow for a successful brute force attack if users don't set up complex credentials...
OPTO 22 SNAP PAC S1 安全漏洞
The OPTO 22 SNAP PAC S1 is a controller from OPTO 22 USA. A security vulnerability exists in OPTO 22 SNAP PAC S1 Firmware version R10.3b, which stems from an unlimited number of login attempts in the web server, allowing an attacker to brute-force the built-in web server login...
OPTO 22 SNAP PAC S1 安全漏洞
The OPTO 22 SNAP PAC S1 is a controller from OPTO 22 USA. A security vulnerability exists in the OPTO 22 SNAP PAC S1 R10.3b firmware version that stems from an improperly restricted built-in web server authentication attempt that does not mandate a complex password, which could lead to brute forc...