Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-46603

Malicious code in bioql PyPI...

5.5CVSS5.8AI score0.00108EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:55 a.m.10 views

CVE-2023-42143

Missing Integrity Check in Shelly TRV 20220811-152343/v2.1.8@5afc928c allows malicious users to create a backdoor by redirecting the device to an attacker-controlled machine which serves the manipulated firmware file. The device is updated with the manipulated firmware...

5.4CVSS7AI score0.00155EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:19 a.m.7 views

CVE-2023-42144

Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8 allows a local attacker to obtain the Wi-Fi password...

5.5CVSS6.6AI score0.00108EPSS
Exploits0
NVD
NVD
added 2024/01/23 8:15 p.m.18 views

CVE-2023-42144

Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8 allows a local attacker to obtain the Wi-Fi password...

5.5CVSS5.3AI score0.00108EPSS
Exploits0References1
NVD
NVD
added 2024/01/23 8:15 p.m.20 views

CVE-2023-42143

Missing Integrity Check in Shelly TRV 20220811-152343/v2.1.8@5afc928c allows malicious users to create a backdoor by redirecting the device to an attacker-controlled machine which serves the manipulated firmware file. The device is updated with the manipulated firmware...

5.4CVSS5.5AI score0.00155EPSS
Exploits0References1
Prion
Prion
added 2024/01/23 8:15 p.m.16 views

Design/Logic Flaw

Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8 allows a local attacker to obtain the Wi-Fi password...

1.7CVSS6.8AI score0.00108EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/23 12:0 a.m.4 views

CVE-2023-42143

Missing Integrity Check in Shelly TRV 20220811-152343/v2.1.8@5afc928c allows malicious users to create a backdoor by redirecting the device to an attacker-controlled machine which serves the manipulated firmware file. The device is updated with the manipulated firmware...

7.1AI score0.00155EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/01/23 12:0 a.m.5 views

PT-2024-13034 · Allterco · Shelly Trv

Name of the Vulnerable Software and Affected Versions: Shelly TRV version 2.1.8 Description: The issue allows a local attacker to obtain the Wi-Fi password due to cleartext transmission during the initial setup. Recommendations: For Shelly TRV version 2.1.8, update to a version that addresses the...

5.5CVSS5.5AI score0.00108EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/01/23 12:0 a.m.15 views

CVE-2023-42143

Missing Integrity Check in Shelly TRV 20220811-152343/v2.1.8@5afc928c allows malicious users to create a backdoor by redirecting the device to an attacker-controlled machine which serves the manipulated firmware file. The device is updated with the manipulated firmware...

5.7AI score0.00155EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/23 12:0 a.m.4 views

Shelly TRV Security Vulnerability

Shelly TRV is a Wi-Fi connected radiator thermostat from Shelly. A security vulnerability exists in Shelly TRV version 20220811-152343 v2.1.8, which stems from a lack of integrity checking and allows a malicious user to create a backdoor via redirection...

5.4CVSS6.8AI score0.00155EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/01/23 12:0 a.m.3 views

Shelly TRV Security Vulnerability

Shelly TRV is a Wi-Fi connected radiator thermostat from Shelly. A security vulnerability exists in Shelly TRV version 20220811-152343 v.2.1.8, which stems from a plaintext transmission during initial setup that allows a local attacker to obtain the Wi-Fi password...

5.5CVSS6.5AI score0.00108EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/01/23 12:0 a.m.20 views

CVE-2023-42144

Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8 allows a local attacker to obtain the Wi-Fi password...

5.6AI score0.00108EPSS
Exploits0References1
CVE
CVE
added 2024/01/23 12:0 a.m.36 views

CVE-2023-42144

CVE-2023-42144 affects Shelly TRV 20220811-15234 v2.1.8. Root cause is cleartext transmission during initial setup, enabling a local attacker to obtain the Wi‑Fi password. Public exploit details are not provided. Remediation guidance in the connected docs points to updating Shelly TRV to a versio...

5.5CVSS5.3AI score0.00108EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/23 12:0 a.m.1 views

CVE-2023-42144

Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8 allows a local attacker to obtain the Wi-Fi password...

5.2AI score0.00108EPSS
Exploits0References1
CVE
CVE
added 2024/01/23 12:0 a.m.48 views

CVE-2023-42143

CVE-2023-42143 affects Shelly TRV, version 20220811-152343/v2.1.8. The issue is a Missing Integrity Check that can let an attacker redirect the device to a controlled host serving manipulated firmware, leading to the device updating with compromised firmware. The available documents do not provid...

5.4CVSS5.4AI score0.00155EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder