Pro 4PM
by Shelly
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-11243 | Hig | 0.54 | — | 0.00 | Nov 19, 2025 | Allocation of Resources Without Limits or Throttling vulnerability in Shelly Pro 4PM (before v1.6) allows Excessive Allocation via network. | ||
| CVE-2023-33383 | 0.03 | — | 0.02 | Aug 2, 2023 | Shelly 4PM Pro four-channel smart switch 0.11.0 allows an attacker to trigger a BLE out of bounds read fault condition that results in a device reload. |
- risk 0.54cvss —epss 0.00
Allocation of Resources Without Limits or Throttling vulnerability in Shelly Pro 4PM (before v1.6) allows Excessive Allocation via network.
- CVE-2023-33383Aug 2, 2023risk 0.03cvss —epss 0.02
Shelly 4PM Pro four-channel smart switch 0.11.0 allows an attacker to trigger a BLE out of bounds read fault condition that results in a device reload.