CVE-2023-22389

Name of the Vulnerable Software and Affected Versions Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior

Description The issue concerns the storage of passwords in a plaintext file when the device configuration is exported via Save/Restore–>Backup Settings. This could allow any user accessing the file to read the passwords.

Recommendations For versions WB10.9a17 and prior, consider restricting access to the exported configuration files to minimize the risk of password exposure. As a temporary workaround, avoid using the Save/Restore–>Backup Settings feature until a fix is available. At the moment, there is no information about a newer version that contains a fix for this issue.