exploitDog

CVE-2022-47758

Опубликовано: 27 апр. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Nanoleaf firmware v7.1.1 and below is missing TLS verification, allowing attackers to execute arbitrary code via a DNS hijacking attack.

Ссылки

http://nanoleaf.com
Product
https://pwning.tech/cve-2022-47758
Exploit
Technical Description
Third Party Advisory
https://pwning.tech/cve-2022-47758/
http://nanoleaf.com
Product
https://pwning.tech/cve-2022-47758
Exploit
Technical Description
Third Party Advisory
https://pwning.tech/cve-2022-47758/

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:nanoleaf:nanoleaf_firmware:7.1.1:*:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.00564

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-295

CWE-295

Связанные уязвимости

GHSA-hm5x-4jqq-qcmg

CVSS3: 9.8

github

почти 3 года назад

Nanoleaf firmware v7.1.1 and below is missing an SSL certificate, allowing attackers to execute arbitrary code via a DHCP hijacking attack.

EPSS

Процентиль: 68%

0.00564

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-295

CWE-295