Nanokvm
Monthly
A critical authentication bypass vulnerability in Sipeed NanoKVM KVM-over-IP devices allows unauthenticated remote attackers to hijack Wi-Fi configurations or crash the device through memory exhaustion. The vulnerability affects NanoKVM versions before 2.3.1 and enables attackers with network access to redirect the device to attacker-controlled networks or cause denial of service. While not currently in CISA KEV, the issue has been analyzed by security researchers and a patch is available from the vendor.
A critical authentication bypass vulnerability in Sipeed NanoKVM KVM-over-IP devices allows unauthenticated remote attackers to hijack Wi-Fi configurations or crash the device through memory exhaustion. The vulnerability affects NanoKVM versions before 2.3.1 and enables attackers with network access to redirect the device to attacker-controlled networks or cause denial of service. While not currently in CISA KEV, the issue has been analyzed by security researchers and a patch is available from the vendor.