Opto22 Snap Pac S1 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Opto22 Snap Pac S1 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2023-40706 — CVSS 8.6 (high): There is no limit on the number of login attempts in the web server for the SNAP PAC S1 Firmware version R10.3b. This could allow for a…
CVE-2023-40707 — CVSS 8.6 (high): There are no requirements for setting a complex password in the built-in web server of the SNAP PAC S1 Firmware version R10.3b, which could…
CVE-2023-40709 — CVSS 6.8 (medium): An adversary could crash the entire device by sending a large quantity of ICMP requests if the controller has the built-in web server…
CVE-2023-40710 — CVSS 6.8 (medium): An adversary could cause a continuous restart loop to the entire device by sending a large quantity of HTTP GET requests if the controller…
CVE-2023-40708 — CVSS 5.8 (medium): The File Transfer Protocol (FTP) port is open by default in the SNAP PAC S1 Firmware version R10.3b. This could allow an adversary to…