26 matches found
EUVD-2018-3509
Malware in sbrugna...
EUVD-2019-4380
Malware in sbrugna...
EUVD-2018-3507
Malware in sbrugna...
EUVD-2018-3508
Malware in sbrugna...
obd2-shop.eu Improper Access Control vulnerability OBB-3825019
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
obd2-shop.eu Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1035302 Security Researcher g0bl1nsec Helped patch 3768 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting obd2-shop.eu website and...
CVE-2019-12797
A clone version of an ELM327 OBD2 Bluetooth device has a hardcoded PIN, leading to arbitrary commands to an OBD-II bus of a vehicle...
CVE-2019-12797
CVE-2019-12797 concerns a clone of the ELM327 OBD2 Bluetooth device that exposes a hardcoded PIN. The root cause is a hardcoded PIN allowing an attacker to send arbitrary commands to a vehicle’s OBD‑II bus. Affected is the Elm327 OBD2 Bluetooth device family (clone variants); impact includes arbi...
CVE-2019-12797
A clone version of an ELM327 OBD2 Bluetooth device has a hardcoded PIN, leading to arbitrary commands to an OBD-II bus of a vehicle...
CVE-2018-11478
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The OBD port is used to receive measurement data and debug information from the car. This on-board diagnostics feature can also be used to send commands to the car different for every vendor / car product line / car. No...
Authentication flaw
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an unprotected wireless LAN that cannot be configured with encryption or a password. This enables anyone within the range of the WLAN to connect to the network without authentication...
Design/Logic Flaw
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The OBD port is used to receive measurement data and debug information from the car. This on-board diagnostics feature can also be used to send commands to the car different for every vendor / car product line / car. No...
Design/Logic Flaw
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The data packets that are sent between the iOS or Android application and the OBD dongle are not encrypted. The combination of this vulnerability with the lack of wireless network protection exposes all transferred car data to the...
CVE-2018-11476
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an unprotected wireless LAN that cannot be configured with encryption or a password. This enables anyone within the range of the WLAN to connect to the network without authentication...
CVE-2018-11477
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The data packets that are sent between the iOS or Android application and the OBD dongle are not encrypted. The combination of this vulnerability with the lack of wireless network protection exposes all transferred car data to the...
CVE-2018-11478
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The OBD port is used to receive measurement data and debug information from the car. This on-board diagnostics feature can also be used to send commands to the car different for every vendor / car product line / car. No...
CVE-2018-11476
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an unprotected wireless LAN that cannot be configured with encryption or a password. This enables anyone within the range of the WLAN to connect to the network without authentication...
CVE-2018-11477
CVE-2018-11477 affects Vgate iCar 2 Wi‑Fi OBD2 Dongle. The issue is that data packets between the mobile apps (iOS/Android) and the dongle are not encrypted, and there is a lack of wireless network protection. This potentially allows an attacker on the same network to access transferred car data....
CVE-2018-11477
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The data packets that are sent between the iOS or Android application and the OBD dongle are not encrypted. The combination of this vulnerability with the lack of wireless network protection exposes all transferred car data to the...
CVE-2018-11478
The CVE affects the Vgate iCar 2 Wi‑Fi OBD2 Dongle where the OBD port can be accessed over a local Wi‑Fi network without authentication, enabling unauthenticated access to the car data bus (e.g., CAN). The issue arises from missing authentication for OBD communications; impact is exposure of meas...