Vulnerability Monitor

Type: Primary CWE-295
Type: Secondary CWE-295

The vendors, products, and vulnerabilities you care about

CVE-2022-47758

Nanoleaf firmware v7.1.1 and below is missing TLS verification, allowing attackers to execute arbitrary code via a DNS hijacking attack.

2023-04-27T02:15:08.973

2025-01-31T20:15:29.623

Modified

CVSSv3.1: 9.8 (CRITICAL)

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	nanoleaf	nanoleaf_firmware	7.1.1	Yes

http://nanoleaf.com Product ([email protected])
https://pwning.tech/cve-2022-47758 Exploit, Technical Description, Third Party Advisory ([email protected])
https://pwning.tech/cve-2022-47758/ ([email protected])
http://nanoleaf.com Product (af854a3a-2127-422b-91ae-364da2661108)
https://pwning.tech/cve-2022-47758 Exploit, Technical Description, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://pwning.tech/cve-2022-47758/ (af854a3a-2127-422b-91ae-364da2661108)