Skip to main content

Lines

1 CVEs product

Monthly

CVE-2026-33268 MEDIUM PATCH This Month

Nanoleaf Lines firmware versions prior to 12.3.6 lack authentication controls on firmware file upload endpoints, allowing remote unauthenticated attackers to upload arbitrary files to the device. This vulnerability enables denial-of-service attacks through storage resource exhaustion and potential firmware tampering without requiring valid credentials or user interaction. The vulnerability has a CVSS score of 6.5 (Medium) with network-based attack vector and low complexity, and is tagged with denial-of-service impact indicators in CISA reporting.

Denial Of Service Lines
NVD VulDB
CVSS 4.0
6.9
EPSS
0.1%
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

Nanoleaf Lines firmware versions prior to 12.3.6 lack authentication controls on firmware file upload endpoints, allowing remote unauthenticated attackers to upload arbitrary files to the device. This vulnerability enables denial-of-service attacks through storage resource exhaustion and potential firmware tampering without requiring valid credentials or user interaction. The vulnerability has a CVSS score of 6.5 (Medium) with network-based attack vector and low complexity, and is tagged with denial-of-service impact indicators in CISA reporting.

Denial Of Service Lines
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy