exploitDog

GHSA-pvqm-26fc-q6j6

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

The Xiaomi M365 scooter 2019-02-12 before 1.5.1 allows spoofing of "suddenly accelerate" commands. This occurs because Bluetooth Low Energy commands have no server-side authentication check. Other affected commands include suddenly braking, locking, and unlocking.

The Xiaomi M365 scooter 2019-02-12 before 1.5.1 allows spoofing of "suddenly accelerate" commands. This occurs because Bluetooth Low Energy commands have no server-side authentication check. Other affected commands include suddenly braking, locking, and unlocking.

Ссылки

EPSS

Процентиль: 30%

0.0011

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-306

Связанные уязвимости

CVE-2019-12500

CVSS3: 6.5

nvd

больше 6 лет назад

The Xiaomi M365 scooter 2019-02-12 before 1.5.1 allows spoofing of "suddenly accelerate" commands. This occurs because Bluetooth Low Energy commands have no server-side authentication check. Other affected commands include suddenly braking, locking, and unlocking.

EPSS

Процентиль: 30%

0.0011

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-306