Skip to content

An adversary could crash the entire device by sending a...

High severity Unreviewed Published Aug 24, 2023 to the GitHub Advisory Database • Updated Sep 11, 2024

Package

No package listedSuggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

An adversary could crash the entire device by sending a large quantity of ICMP requests if the controller has the built-in web server enabled but does not have the built-in web server completely set up and configured for the SNAP PAC S1 Firmware version R10.3b

References

Published by the National Vulnerability Database Aug 24, 2023
Published to the GitHub Advisory Database Aug 24, 2023
Last updated Sep 11, 2024

Severity

High

EPSS score

0.078%
(35th percentile)

Weaknesses

CVE ID

CVE-2023-40709

GHSA ID

GHSA-8frv-2qrv-c3x2

Source code

No known source code

Dependabot alerts are not supported on this advisory because it does not have a package from a supported ecosystem with an affected and fixed version.

Learn more about GitHub language support

Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.