Filtered by vendor Opto22
Subscriptions
Filtered by product Snap Pac S1 Firmware
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-40709 | 1 Opto22 | 2 Snap Pac S1, Snap Pac S1 Firmware | 2024-09-13 | 6.8 Medium |
| An adversary could crash the entire device by sending a large quantity of ICMP requests if the controller has the built-in web server enabled but does not have the built-in web server completely set up and configured for the SNAP PAC S1 Firmware version R10.3b | ||||
| CVE-2023-40710 | 1 Opto22 | 2 Snap Pac S1, Snap Pac S1 Firmware | 2024-09-11 | 6.8 Medium |
| An adversary could cause a continuous restart loop to the entire device by sending a large quantity of HTTP GET requests if the controller has the built-in web server enabled but does not have the built-in web server completely set up and configured for the SNAP PAC S1 Firmware version R10.3b | ||||
| CVE-2023-40708 | 1 Opto22 | 2 Snap Pac S1, Snap Pac S1 Firmware | 2024-09-11 | 5.8 Medium |
| The File Transfer Protocol (FTP) port is open by default in the SNAP PAC S1 Firmware version R10.3b. This could allow an adversary to access some device files. | ||||
| CVE-2023-40706 | 1 Opto22 | 2 Snap Pac S1, Snap Pac S1 Firmware | 2024-08-02 | 8.6 High |
| There is no limit on the number of login attempts in the web server for the SNAP PAC S1 Firmware version R10.3b. This could allow for a brute-force attack on the built-in web server login. | ||||
| CVE-2023-40707 | 1 Opto22 | 2 Snap Pac S1, Snap Pac S1 Firmware | 2024-08-02 | 8.6 High |
| There are no requirements for setting a complex password in the built-in web server of the SNAP PAC S1 Firmware version R10.3b, which could allow for a successful brute force attack if users don't set up complex credentials. | ||||
Page 1 of 1.