Vulnerabilities > Snapav

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-30	CVE-2023-22389	Unprotected Storage of Credentials vulnerability in Snapav Wattbox Wb-300-Ip-3 Firmware Wb10.9A17 Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior store passwords in a plaintext file when the device configuration is exported via Save/Restore–>Backup Settings, which could be read by any user accessing the file. network low complexity snapav CWE-256	6.5
2023-01-30	CVE-2023-23582	Out-of-bounds Write vulnerability in Snapav Wattbox Wb-300-Ip-3 Firmware Wb10.9A17 Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior are vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code or crash the device remotely. network low complexity snapav CWE-787 critical	9.8
2023-01-30	CVE-2023-22315	Insufficient Verification of Data Authenticity vulnerability in Snapav Wattbox Wb-300-Ip-3 Firmware Wb10.9A17 Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior use a proprietary local area network (LAN) protocol that does not verify updates to the device. local low complexity snapav CWE-345	7.8
2023-01-30	CVE-2023-24020	Improper Restriction of Excessive Authentication Attempts vulnerability in Snapav Wattbox Wb-300-Ip-3 Firmware Wb10.9A17 Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior could bypass the brute force protection, allowing multiple attempts to force a login. network low complexity snapav CWE-307 critical	9.8

Vulnerabilities > Snapav {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Snapav"}]}