Vulnerabilities > Shelly

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-23	CVE-2023-42143	Improper Validation of Integrity Check Value vulnerability in Shelly TRV Firmware 2.1.8 Missing Integrity Check in Shelly TRV 20220811-152343/v2.1.8@5afc928c allows malicious users to create a backdoor by redirecting the device to an attacker-controlled machine which serves the manipulated firmware file. network low complexity shelly CWE-354	5.4
2024-01-23	CVE-2023-42144	Cleartext Transmission of Sensitive Information vulnerability in Shelly TRV Firmware 2.1.8 Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8 allows a local attacker to obtain the Wi-Fi password. local low complexity shelly CWE-319	5.5
2023-08-02	CVE-2023-33383	Out-of-bounds Read vulnerability in Shelly PRO 4PM Firmware 0.11.0 Shelly 4PM Pro four-channel smart switch 0.11.0 allows an attacker to trigger a BLE out of bounds read fault condition that results in a device reload. network low complexity shelly CWE-125	5.3

Vulnerabilities > Shelly {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Shelly"}]}