COOEY // HUBcompliance · community · intelligence

FAIL › dossier

nanoleaf vendor

2
failure events
0
zero-days
2
RCEs
0
on KEV
2
critical
50
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 2 events

DateEventSevFlagsShameSummary
2023-04-27 CVE-2022-47758 critical ⚡RCE 50 Nanoleaf firmware v7.1.1 and below is missing TLS verification, allowing attackers to execute arbitrary code via a DNS hijacking attack.
2023-04-18 CVE-2022-46640 critical ⚡RCE 50 Nanoleaf Desktop App before v1.3.1 was discovered to contain a command injection vulnerability which is exploited via a crafted HTTP request.