CVE-2023-22315

HIGH Year: 2023
CVSS v3 Score
7.8
High
Weakness Type
CWE-345
View all →

Vulnerability Description

Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior use a proprietary local area network (LAN) protocol that does not verify updates to the device. An attacker could upload a malformed update file to the device and execute arbitrary code.

Related Vulnerabilities

CVE-2017-0563

HIGH
CVSS:7.8(High)

An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Crit...

CWE-3452017

CVE-2019-0805

HIGH
CVSS:7.8(High)

An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE...

CWE-3452019

CVE-2019-10492

HIGH
CVSS:7.8(High)

Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon Mobile, Snapdragon Wearables in MDM9607, MSM8909W, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD...

CWE-3452019

CVE-2019-18829

HIGH
CVSS:7.8(High)

Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The Barco signed 'Clickshare_For_Windows.exe' binary on the ClickShare Button (R9861500D01) loads...

CWE-3452019

CVE-2020-14111

HIGH
CVSS:7.8(High)

A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by a lack of inspection for incoming data detection. Attackers can exploit this vulnerability to execu...

CWE-3452020

CVE-2020-26893

HIGH
CVSS:7.8(High)

An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor could use a properly signed copy of ClamXAV 2 (running with an injected malicious dylib) to communicate with ClamXAV 3's helper too...

CWE-3452020