📦 Signal K Server
by Signalk
🔍 What is Signal K Server?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
Signal K Server versions before 1.5.0 contain a command injection vulnerability in the set-system-time plugin that allows authenticated users with write permissions to execute arbitrary shell commands...
Signal K Server versions before 2.19.0 allow unauthenticated attackers to steal JWT authentication tokens through two chained vulnerabilities: unauthenticated WebSocket request enumeration and unauthe...
Signal K Server versions before 2.19.0 allow authenticated administrators to install npm packages from arbitrary sources via the appstore interface. This enables remote code execution through maliciou...
Signal K Server versions prior to 2.20.3 on Windows systems contain a path traversal vulnerability in the applicationData API. Authenticated users can exploit this to read, write, and list arbitrary f...
Signal K Server versions before 2.19.0 have vulnerabilities that allow attackers to craft convincing social engineering attacks against administrators. By combining misleading access request descripti...
Signal K Server versions before 2.19.0 have an unauthenticated information disclosure vulnerability that allows any user to retrieve sensitive system information including the full data schema, connec...