Snap One OvrC cloud servers contain a route an attacker can use to bypass requirements and claim devices outright.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HControl4 Ca 1
HWControl4wszystkie wersjeControl4 Ca 10
HWControl4wszystkie wersjeControl4 Ea 1
HWControl4wszystkie wersjeControl4 Ea 3
HWControl4wszystkie wersjeControl4 Ea 5
HWControl4wszystkie wersjeSnapone An 110 Rt 2l1w
HWSnaponewszystkie wersjeSnapone An 110 Rt 2l1w Wifi
HWSnaponewszystkie wersjeSnapone An 310 Rt 4l2w
HWSnaponewszystkie wersjeSnapone Orvc
APPSnapone< 7.3.0Snapone Ovrc 300 Pro
HWSnaponewszystkie wersjeSnapone Pakedge Rk 1
HWSnaponewszystkie wersjeSnapone Pakedge Rt 3100
HWSnaponewszystkie wersjeSnapone Pakedge Wr 1
HWSnaponewszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2023-28649HIGH8.6ten sam produkt
The Hub in the Snap One OvrC cloud platform is a device used to centralize and manage nested devices connected...
CVE-2023-28386HIGH8.6ten sam produkt
Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware updates correctly. The device only c...
CVE-2023-31245HIGH7.1ten sam produkt
Devices using Snap One OvrC cloud are sent to a web address when accessing a web mana...
CVE-2023-25183HIGH8.3ten sam produkt
In Snap One OvrC Pro versions prior to 7.2, when logged into the superuser ac...
CVE-2023-31193HIGH7.5ten sam produkt
Snap One OvrC Pro versions prior to 7.3 use HTTP connections when downloading a program from thei...