30 matches found
CVE-2023-40293
Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object...
EUVD-2023-44885
Malicious code in bioql PyPI...
EUVD-2023-44884
Malicious code in bioql PyPI...
EUVD-2023-44886
Malicious code in bioql PyPI...
CVE-2023-40292
Harman Infotainment 20190525031613 and later discloses the IP address via CarPlay CTRL packets...
The vulnerability of the Project Name Handler component in navigation and multimedia systems intended for use in terrestrial vehicles, provided by Harman Infotainment, allows for root access via SSH using a USB-to-Ethernet key with a password.
The vulnerability of the Project Name Handler component in navigation and multimedia systems intended for use in terrestrial vehicles, Harman Infotainment, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain root access via SSH using a...
CVE-2023-40291
Harman Infotainment 20190525031613 allows root access via SSH over a USB-to-Ethernet dongle with a password that is an internal project name...
CVE-2023-40292
Harman Infotainment 20190525031613 and later discloses the IP address via CarPlay CTRL packets...
CVE-2023-40292
Harman Infotainment 20190525031613 and later discloses the IP address via CarPlay CTRL packets...
CVE-2023-40293
Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object...
CVE-2023-40291
Harman Infotainment 20190525031613 allows root access via SSH over a USB-to-Ethernet dongle with a password that is an internal project name...
CVE-2023-40293
Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object...
CVE-2023-40293
Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object...
CVE-2023-40292
Harman Infotainment 20190525031613 and later discloses the IP address via CarPlay CTRL packets...
Code injection
Harman Infotainment 20190525031613 and later discloses the IP address via CarPlay CTRL packets...
Command injection
Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object...
Default credentials
Harman Infotainment 20190525031613 allows root access via SSH over a USB-to-Ethernet dongle with a password that is an internal project name...
CVE-2023-40293
Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC with a D-Bus connection object...
CVE-2023-40292
Harman Infotainment 20190525031613 and later discloses the IP address via CarPlay CTRL packets...
Harman Infotainment Command Injection Vulnerability
Harman Infotainment is an in-vehicle infotainment system from Harman. A security vulnerability exists in Harman Infotainment 20190525031613 and later versions that originates from allowing an attacker to perform command injection through the use of D-Bus connection objects...