Vulnerabilities > Opto22 > Snap PAC S1 Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-24 | CVE-2023-40707 | Weak Password Requirements vulnerability in Opto22 Snap PAC S1 Firmware R10.3B There are no requirements for setting a complex password in the built-in web server of the SNAP PAC S1 Firmware version R10.3b, which could allow for a successful brute force attack if users don't set up complex credentials. | 7.5 |
| 2023-08-24 | CVE-2023-40709 | Resource Exhaustion vulnerability in Opto22 Snap PAC S1 Firmware R10.3B An adversary could crash the entire device by sending a large quantity of ICMP requests if the controller has the built-in web server enabled but does not have the built-in web server completely set up and configured for the SNAP PAC S1 Firmware version R10.3b | 7.5 |
| 2023-08-24 | CVE-2023-40710 | Resource Exhaustion vulnerability in Opto22 Snap PAC S1 Firmware R10.3B An adversary could cause a continuous restart loop to the entire device by sending a large quantity of HTTP GET requests if the controller has the built-in web server enabled but does not have the built-in web server completely set up and configured for the SNAP PAC S1 Firmware version R10.3b | 7.5 |