Opto22 Snap PAC S1 Firmware R10.3b
Approved changes feed: RSS · Atom
cpe:2.3:o:opto22:snap_pac_s1_firmware:r10.3b:*:*:*:*:*:*:*
part: o version: r10.3b update: *
| Vendor | Opto22 (aaa94f4b-cda7-5382-b637-0d421d319810) |
|---|---|
| Product | Snap Pac S1 Firmware (7ca5b1b3-237e-562d-8c11-1a8c09cc9b5e) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-40710 |
vulnerable | 2026-06-08 06:11:04.349684 |
Details available
MEDIUM (6.8)
An adversary could cause a continuous restart loop to the entire device by sending a large quantity of HTTP GET requests if the controller has the built-in web server enabled but does not have the built-in web server completely set up and configured for the SNAP PAC S1 Firmware version R10.3b
Published: 2023-08-24T16:09:25.235Z
Updated: 2024-09-30T19:13:20.220Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-40709 |
vulnerable | 2026-06-08 06:11:04.349047 |
Uncontrolled Resource Consumption in OPTO 22 SNAP PAC S1 Built-In Web Server
MEDIUM (6.8)
An adversary could crash the entire device by sending a large quantity of ICMP requests if the controller has the built-in web server enabled but does not have the built-in web server completely set up and configured for the SNAP PAC S1 Firmware version R10.3b
Published: 2023-08-24T16:08:47.919Z
Updated: 2024-09-13T16:16:40.330Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-40708 |
vulnerable | 2026-06-08 06:11:04.348458 |
Improper Access Control in OPTO 22 SNAP PAC S1
MEDIUM (5.8)
The File Transfer Protocol (FTP) port is open by default in the SNAP PAC S1 Firmware version R10.3b. This could allow an adversary to access some device files.
Published: 2023-08-24T16:08:23.730Z
Updated: 2024-10-02T20:20:36.186Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-40707 |
vulnerable | 2026-06-08 06:11:04.347761 |
Weak password requirements in OPTO 22 SNAP PAC S1 Built-in Web Server
HIGH (8.6)
There are no requirements for setting a complex password in the built-in web server of the SNAP PAC S1 Firmware version R10.3b, which could allow for a successful brute force attack if users don't set up complex credentials.
Published: 2023-08-24T16:05:48.352Z
Updated: 2024-10-02T20:23:51.426Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-40706 |
vulnerable | 2026-06-08 06:11:04.346868 |
Improper Restriction of Excessive Authentication Attempts in OPTO 22 SNAP PAC S1 Built-in Web Server
HIGH (8.6)
There is no limit on the number of login attempts in the web server for the SNAP PAC S1 Firmware version R10.3b. This could allow for a brute-force attack on the built-in web server login.
Published: 2023-08-24T16:03:36.347Z
Updated: 2024-10-02T20:24:51.286Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.