CVE advisoryCRITICAL
CVE-2022-46640
Nanoleaf Desktop App Command Injection Vulnerability
Halo Surface Signal: 2 out of 5 — less likely to be public-facing.
The Nanoleaf Desktop App has a command injection vulnerability allowing remote execution of commands via crafted HTTP requests, impacting versions before 1.3.1. Attackers could exploit this if the app is network-accessible, potentially leading to unauthorized system control or data compromise. Confirming its use and ne