CVE-2023-40710
In short
A device can be forced into an endless restart loop by flooding it with many HTTP requests if its web server is enabled but not properly configured. This causes the device to stop working until someone manually fixes it.
Technical detail
CWE-770 vulnerability in SNAP PAC S1 Firmware R10.3b allows denial of service through resource exhaustion. An adversary sending a large quantity of HTTP GET requests to an incompletely configured built-in web server triggers continuous device restarts, requiring manual intervention for recovery.
Summary generated and translated by AI from the official description.
An adversary could cause a continuous restart loop to the entire device by sending a large quantity of HTTP GET requests if the controller has the built-in web server enabled but does not have the built-in web server completely set up and configured for the SNAP PAC S1 Firmware version R10.3b.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
Affected products
OPTO 22 · SNAP PAC S1