Lucene search
K

6 matches found

ATTACKERKB
ATTACKERKB
added 2024/03/27 6:15 a.m.4 views

CVE-2023-31634

In TeslaMate before 1.27.2, there is unauthorized access to port 4000 for remote viewing and operation of user data. After accessing the IP address for the TeslaMate instance, an attacker can switch the port to 3000 to enter Grafana for remote operations. At that time, the default username and...

9.8CVSS7.4AI score0.0227EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.5 views

TeslaMate 安全漏洞

TeslaMate is an open source project, a self-hosted data logger for Tesla. A security vulnerability exists in versions of TeslaMate prior to 1.27.2. After accessing the IP address of a TeslaMate instance, an attacker could switch port to 3000 and enter Grafana to perform remote operations...

9.8CVSS6.7AI score0.00856EPSS
Exploits0References3
Snyk
Snyk
added 2022/05/06 10:30 a.m.4 views

Arbitrary Code Execution

Overview Affected versions of this package are vulnerable to Arbitrary Code Execution in the gitserver service. An administrator who is able to edit or add a Gitolite code host and has administrative access to Sourcegraph’s bundled Grafana instance can change this command arbitrarily and run it...

7.2CVSS7.2AI score0.01235EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/01/24 7:15 p.m.23 views

CVE-2022-23126

TeslaMate before 1.25.1 when using the default Docker configuration allows attackers to open doors of Tesla vehicles, start Keyless Driving, and interfere with vehicle operation en route. This occurs because an attacker can leverage Grafana login access to obtain a token for Tesla API calls...

9.8CVSS5.8AI score0.0227EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2022/01/24 12:0 a.m.6 views

PT-2022-15870 · Teslamate +1 · Teslamate +1

Name of the Vulnerable Software and Affected Versions: TeslaMate versions prior to 1.25.1 Description: The issue allows attackers to open doors of Tesla vehicles, start Keyless Driving, and interfere with vehicle operation en route. This occurs because an attacker can leverage Grafana login acces...

9.8CVSS9.2AI score0.0227EPSS
Exploits0References11
OSV
OSV
added 2021/05/07 3:15 p.m.4 views

CVE-2021-27437

The affected product allows attackers to obtain sensitive information from the WISE-PaaS dashboard. The system contains a hard-coded administrator username and password that can be used to query Grafana APIs. Authentication is not required for exploitation on the WISE-PaaS/RMM versions prior to...

9.1CVSS7.3AI score0.01242EPSS
Exploits0References1
Rows per page
Query Builder