{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-13T03:33:50.982","vulnerabilities":[{"cve":{"id":"CVE-2023-22315","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2023-01-30T22:15:12.517","lastModified":"2024-11-21T07:44:30.813","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"\nSnap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior use a proprietary local area network (LAN) protocol that does not verify updates to the device. An attacker could upload a malformed update file to the device and execute arbitrary code. \n\n\n\n\n"},{"lang":"es","value":"Snap One Wattbox WB-300-IP-3 versiones WB10.9a17 y anteriores utilizan un protocolo de red de área local (LAN) propietario que no verifica las actualizaciones del dispositivo. Un atacante podría cargar un archivo de actualización con formato incorrecto en el dispositivo y ejecutar código arbitrario."}],"metrics":{"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.4,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-345"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:snapav:wattbox_wb-300-ip-3_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"wb10.9a17","matchCriteriaId":"E28B67B3-9913-4DBC-AB7D-C1B89951CE83"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:snapav:wattbox_wb-300-ip-3:-:*:*:*:*:*:*:*","matchCriteriaId":"97D903E1-0BA7-4CE5-8955-63B7F98ACC9A"}]}]}],"references":[{"url":"https://www.cisa.gov/uscert/ics/advisories/icsa-23-026-03","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.cisa.gov/uscert/ics/advisories/icsa-23-026-03","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}