The Hub in the Snap One OvrC cloud platform is a device used to centralize and manage nested devices connected to it. A vulnerability exists in which an attacker could impersonate a hub and send device requests to claim already claimed devices. The OvrC cloud platform receives the requests but does not validate if the found devices are already managed by another user.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HSnapone Orvc
APPSnapone< 7.3.0Snapone Ovrc 300 Pro
HWSnaponewszystkie wersje
Powiązane podatności
Snap One OvrC Pro versions prior to 7.3 use HTTP connections when downloading a program from thei...
Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware updates correctly. The device only c...
Devices using Snap One OvrC cloud are sent to a web address when accessing a web mana...
In Snap One OvrC Pro versions prior to 7.2, when logged into the superuser ac...
Snap One OvrC Pro versions prior to 7.2 have their own locally running web server accessible both from the loc...