Vulnerabilities > Nanoleaf

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-31	CVE-2023-45955	Unspecified vulnerability in Nanoleaf Lightstrip Firmware 3.5.10 An issue discovered in Nanoleaf Light strip v3.5.10 allows attackers to cause a denial of service via crafted write binding attribute commands. network low complexity nanoleaf	7.5
2023-10-10	CVE-2023-42189	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Insecure Permissions vulnerability in Connectivity Standards Alliance Matter Official SDK v.1.1.0.0 , Nanoleaf Light strip v.3.5.10, Govee LED Strip v.3.00.42, switchBot Hub2 v.1.0-0.8, Phillips hue hub v.1.59.1959097030, and yeelight smart lamp v.1.12.69 allows a remote attacker to cause a denial of service via a crafted script to the KeySetRemove function. network low complexity tapo nanoleaf govee switchbot phillips yeelight tp-link orein eve CWE-732	7.5
2023-04-27	CVE-2022-47758	Improper Certificate Validation vulnerability in Nanoleaf Firmware 7.1.1 Nanoleaf firmware v7.1.1 and below is missing TLS verification, allowing attackers to execute arbitrary code via a DNS hijacking attack. network low complexity nanoleaf CWE-295 critical	9.8
2023-04-18	CVE-2022-46640	Command Injection vulnerability in Nanoleaf Desktop Nanoleaf Desktop App before v1.3.1 was discovered to contain a command injection vulnerability which is exploited via a crafted HTTP request. network low complexity nanoleaf CWE-77 critical	9.8

Vulnerabilities > Nanoleaf {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Nanoleaf"}]}