Skip to main content

Wattbox Wb 300 Ip 3 Firmware

4 CVEs product

Monthly

CVE-2023-23582 CRITICAL Act Now

Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior are vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code or crash the device remotely. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow Wattbox Wb 300 Ip 3 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-22389 MEDIUM This Month

Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior store passwords in a plaintext file when the device configuration is exported via Save/Restore->Backup Settings, which could be read by any. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Wattbox Wb 300 Ip 3 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-24020 CRITICAL Act Now

Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior could bypass the brute force protection, allowing multiple attempts to force a login. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wattbox Wb 300 Ip 3 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-22315 HIGH This Week

Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior use a proprietary local area network (LAN) protocol that does not verify updates to the device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Wattbox Wb 300 Ip 3 Firmware
NVD
CVSS 3.1
7.8
EPSS
0.1%
EPSS 1% CVSS 9.8
CRITICAL Act Now

Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior are vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code or crash the device remotely. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior store passwords in a plaintext file when the device configuration is exported via Save/Restore->Backup Settings, which could be read by any. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Wattbox Wb 300 Ip 3 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior could bypass the brute force protection, allowing multiple attempts to force a login. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wattbox Wb 300 Ip 3 Firmware
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior use a proprietary local area network (LAN) protocol that does not verify updates to the device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Wattbox Wb 300 Ip 3 Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy