CVE-2022-47758
9.8CRITICALNanoleaf firmware v7.1.1 and below is missing TLS verification, allowing attackers to execute arbitrary code via a DNS hijacking attack.
Published: 4/27/2023Updated: 1/31/2025
Description
Nanoleaf firmware v7.1.1 and below is missing TLS verification, allowing attackers to execute arbitrary code via a DNS hijacking attack.
AI AnalysisPowered by AI
Affected Products
nanoleafnanoleaf_firmware
7.1.1
References
- http://nanoleaf.comProduct
- https://pwning.tech/cve-2022-47758ExploitTechnical DescriptionThird Party Advisory
- https://pwning.tech/cve-2022-47758/
- http://nanoleaf.comProduct
- https://pwning.tech/cve-2022-47758ExploitTechnical DescriptionThird Party Advisory
- https://pwning.tech/cve-2022-47758/