26 matches found
EUVD-2018-3507
Malware in sbrugna...
EUVD-2019-4380
Malware in sbrugna...
EUVD-2018-3509
Malware in sbrugna...
EUVD-2018-3508
Malware in sbrugna...
obd2-shop.eu Improper Access Control vulnerability OBB-3825019
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
obd2-shop.eu Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1035302 Security Researcher g0bl1nsec Helped patch 3768 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting obd2-shop.eu website and...
CVE-2019-12797
A clone version of an ELM327 OBD2 Bluetooth device has a hardcoded PIN, leading to arbitrary commands to an OBD-II bus of a vehicle...
CVE-2019-12797
CVE-2019-12797 concerns a clone of the ELM327 OBD2 Bluetooth device that exposes a hardcoded PIN. The root cause is a hardcoded PIN allowing an attacker to send arbitrary commands to a vehicle’s OBD‑II bus. Affected is the Elm327 OBD2 Bluetooth device family (clone variants); impact includes arbi...
CVE-2019-12797
A clone version of an ELM327 OBD2 Bluetooth device has a hardcoded PIN, leading to arbitrary commands to an OBD-II bus of a vehicle...
Design/Logic Flaw
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The OBD port is used to receive measurement data and debug information from the car. This on-board diagnostics feature can also be used to send commands to the car different for every vendor / car product line / car. No...
CVE-2018-11477
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The data packets that are sent between the iOS or Android application and the OBD dongle are not encrypted. The combination of this vulnerability with the lack of wireless network protection exposes all transferred car data to the...
CVE-2018-11476
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an unprotected wireless LAN that cannot be configured with encryption or a password. This enables anyone within the range of the WLAN to connect to the network without authentication...
CVE-2018-11478
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The OBD port is used to receive measurement data and debug information from the car. This on-board diagnostics feature can also be used to send commands to the car different for every vendor / car product line / car. No...
Authentication flaw
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an unprotected wireless LAN that cannot be configured with encryption or a password. This enables anyone within the range of the WLAN to connect to the network without authentication...
Design/Logic Flaw
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The data packets that are sent between the iOS or Android application and the OBD dongle are not encrypted. The combination of this vulnerability with the lack of wireless network protection exposes all transferred car data to the...
CVE-2018-11476
The CVE-2018-11476 entry concerns the Vgate iCar 2 Wi‑Fi OBD2 Dongle, where the device opens an unprotected WLAN that cannot be configured with encryption or a password. This allows anyone within WLAN range to join without authentication, constituting an authentication bypass risk in the affected...
CVE-2018-11477
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The data packets that are sent between the iOS or Android application and the OBD dongle are not encrypted. The combination of this vulnerability with the lack of wireless network protection exposes all transferred car data to the...
CVE-2018-11478
The CVE affects the Vgate iCar 2 Wi‑Fi OBD2 Dongle where the OBD port can be accessed over a local Wi‑Fi network without authentication, enabling unauthenticated access to the car data bus (e.g., CAN). The issue arises from missing authentication for OBD communications; impact is exposure of meas...
CVE-2018-11478
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The OBD port is used to receive measurement data and debug information from the car. This on-board diagnostics feature can also be used to send commands to the car different for every vendor / car product line / car. No...
CVE-2018-11476
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an unprotected wireless LAN that cannot be configured with encryption or a password. This enables anyone within the range of the WLAN to connect to the network without authentication...