
Description

Snap One WattBox 800 and 820 series firmware versions prior to 2.10.0.0 contain undisclosed diagnostic HTTP endpoints that require only the device MAC address and service tag for authentication, both of which are printed in plaintext on the physical device label. Attackers with access to the device label or documentation containing these values can authenticate to these endpoints and execute arbitrary commands as root on the device.

PUBLISHED Reserved 2026-04-20 | Published 2026-04-28 | Updated 2026-04-29 | Assigner VulnCheck




CRITICAL: 9.2 | CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CRITICAL: 9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-912 Hidden Functionality

CWE-798 Use of Hard-coded Credentials

Product status

Default status
unaffected

Any version before 2.10.0.0
affected

Default status
unaffected

Any version before 2.10.0.0
affected

Credits

Anonymous finder

References

help.snapone.com/...w/Content/FW RN/8x0/8x0 series FW RN.htm release-notes patch

cve.org (CVE-2026-41446)

nvd.nist.gov (CVE-2026-41446)
