Vulnerabilidades en Snap One
14 resultadosCVE-2023-23582MEDIUM
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior are vulnerable to a heap-based buffer overflow, which could allow an attacker to EPSS 0.8%CVE-2023-31241HIGHSnap One OvrC cloud servers contain a route an attacker can use to bypass requirements and claim devices outright.EPSS 0.8%CVE-2023-24020HIGH
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior could bypass the brute force protection, allowing multiple attempts to force a loEPSS 0.6%CVE-2023-25183HIGH
In Snap One OvrC Pro versions prior to 7.2, when logged into the superuser account, a new functionality appEPSS 0.6%CVE-2023-31240HIGHSnap One OvrC Pro versions prior to 7.2 have their own locally running web server accessible both from the local network and remotely. OvrC EPSS 0.5%CVE-2024-50381HIGHMissing Authentication for Critical Function in Snap One OVRC cloudEPSS 0.5%CVE-2023-28649HIGHThe Hub in the Snap One OvrC cloud platform is a device used to centralize and manage nested devices connected to it. A vulnerability existsEPSS 0.5%CVE-2023-28412MEDIUM
When supplied with a random MAC address, Snap One OvrC cloud servers will return information about the device. The MAC address of dEPSS 0.5%CVE-2023-22389MEDIUM
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior store passwords in a plaintext file when the device configuration is exported viaEPSS 0.5%CVE-2024-50380HIGHAuthentication Bypass by Spoofing in Snap One OVRC cloudEPSS 0.5%CVE-2023-28386HIGHSnap One OvrC Pro devices versions 7.2 and prior do not validate firmware updates correctly. The device only calculates the MD5 hash of the EPSS 0.4%CVE-2023-31245HIGH
Devices using Snap One OvrC cloud are sent to a web address when accessing a web management interface using a HTTP EPSS 0.4%CVE-2023-31193HIGH
Snap One OvrC Pro versions prior to 7.3 use HTTP connections when downloading a program from their servers. Because they do notEPSS 0.4%CVE-2023-22315MEDIUM
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior use a proprietary local area network (LAN) protocol that does not verify updates EPSS 0.1%