cvedb.io
CVE-2018-11477
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2018-05-30T21:29:00.473 · Last modified 2026-06-17T01:36:01.120

Summary

An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The data packets that are sent between the iOS or Android application and the OBD dongle are not encrypted. The combination of this vulnerability with the lack of wireless network protection exposes all transferred car data to the public.

Affected products

vgate — icar_2_wi-fi_obd2_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when vgate ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.