Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opto22 snap pac s1 firmware r10.3b vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-40706
There is no limit on the number of login attempts in the web server for the SNAP PAC S1 Firmware version R10.3b. This could allow for a brute-force attack on the built-in web server login.
Opto22 Snap Pac S1 Firmware R10.3b
7.5
CVSSv3
CVE-2023-40707
There are no requirements for setting a complex password in the built-in web server of the SNAP PAC S1 Firmware version R10.3b, which could allow for a successful brute force attack if users don't set up complex credentials.
Opto22 Snap Pac S1 Firmware R10.3b
7.5
CVSSv3
CVE-2023-40709
An adversary could crash the entire device by sending a large quantity of ICMP requests if the controller has the built-in web server enabled but does not have the built-in web server completely set up and configured for the SNAP PAC S1 Firmware version R10.3b
Opto22 Snap Pac S1 Firmware R10.3b
7.5
CVSSv3
CVE-2023-40710
An adversary could cause a continuous restart loop to the entire device by sending a large quantity of HTTP GET requests if the controller has the built-in web server enabled but does not have the built-in web server completely set up and configured for the SNAP PAC S1 Firmware v...
Opto22 Snap Pac S1 Firmware R10.3b
5.3
CVSSv3
CVE-2023-40708
The File Transfer Protocol (FTP) port is open by default in the SNAP PAC S1 Firmware version R10.3b. This could allow an adversary to access some device files.
Opto22 Snap Pac S1 Firmware R10.3b
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started