Exploitation Summary
EIP tracks 1 public exploit for CVE-2023-31634. PoCs published by iSee857.
Description
In TeslaMate before 1.27.2, there is unauthorized access to port 4000 for remote viewing and operation of user data. After accessing the IP address for the TeslaMate instance, an attacker can switch the port to 3000 to enter Grafana for remote operations. At that time, the default username and password can be used to enter the Grafana management console without logging in, a related issue to CVE-2022-23126.
Exploits (1)
References (2)
Core 2
Core References
Scores
CVSS v3
9.8
EPSS
0.0086
EPSS Percentile
53.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
total
Details
CWE
CWE-287
Status
published
Products (1)
teslamate/teslamate
< 1.27.2
Published
Mar 27, 2024
Tracked Since
Feb 18, 2026