Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior use a proprietary local area network (LAN) protocol that does not verify updates to the device. An attacker could upload a malformed update file to the device and execute arbitrary code.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
Vulnerability Type
对数据真实性的验证不充分
Vulnerability Title
Snap One Wattbox 数据伪造问题漏洞
Vulnerability Description
Snap One Wattbox是Snap One公司的一系列电源解决方案。 Snap One Wattbox WB-300-IP-3 WB10.9a17版本及之前版本存在数据伪造问题漏洞,该漏洞源于使用专用局域网(LAN)协议,不验证设备更新。攻击者利用该漏洞将格式错误的文件上传到设备并执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A