Vulnerabilities (CVE)

Filtered by vendor Shelly Subscribe
Filtered by product Trv
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-42144 1 Shelly 2 Trv, Trv Firmware 2024-02-28 N/A 5.5 MEDIUM
Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8 allows a local attacker to obtain the Wi-Fi password.
CVE-2023-42143 1 Shelly 2 Trv, Trv Firmware 2024-02-28 N/A 5.4 MEDIUM
Missing Integrity Check in Shelly TRV 20220811-152343/v2.1.8@5afc928c allows malicious users to create a backdoor by redirecting the device to an attacker-controlled machine which serves the manipulated firmware file. The device is updated with the manipulated firmware.