Количество 2
Количество 2
CVE-2015-2907
Mobile Devices (aka MDI) C4 OBD-II dongles with firmware 2.x and 3.4.x, as used in Metromile Pulse and other products, have hardcoded SSH credentials, which makes it easier for remote attackers to obtain access by leveraging knowledge of the required username and password.
GHSA-36vf-gm3g-hgwj
** DISPUTED ** Mobile Devices (aka MDI) C4 OBD-II dongles with firmware 2.x and 3.4.x, as used in Metromile Pulse and other products, have hardcoded SSH credentials, which makes it easier for remote attackers to obtain access by leveraging knowledge of the required username and password. NOTE: the vendor states "This was a flaw for the developer/debugging devices (again not possible in production versions)."
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2015-2907 Mobile Devices (aka MDI) C4 OBD-II dongles with firmware 2.x and 3.4.x, as used in Metromile Pulse and other products, have hardcoded SSH credentials, which makes it easier for remote attackers to obtain access by leveraging knowledge of the required username and password. | CVSS2: 9 | 1% Низкий | больше 10 лет назад |
| GHSA-36vf-gm3g-hgwj ** DISPUTED ** Mobile Devices (aka MDI) C4 OBD-II dongles with firmware 2.x and 3.4.x, as used in Metromile Pulse and other products, have hardcoded SSH credentials, which makes it easier for remote attackers to obtain access by leveraging knowledge of the required username and password. NOTE: the vendor states "This was a flaw for the developer/debugging devices (again not possible in production versions)." | 1% Низкий | больше 3 лет назад |
Уязвимостей на страницу