PT-2026-27782 · Nanoleaf · Nanoleaf Lines
Souvik Kandar
·
Published
2026-03-25
·
Updated
2026-03-25
·
CVE-2026-33268
CVSS v3.1
6.5
Medium
| AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Nanoleaf Lines versions 12.3.2 through 12.3.5
Description
Nanoleaf Lines does not properly authenticate firmware file uploads. This allows a remote, unauthenticated attacker to upload firmware files to the device, potentially consuming storage resources.
Recommendations
Update to version 12.3.6 or later.
Fix
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nanoleaf Lines