Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-sz31-pb9u-73eh

Summary Tesla/SolarCity's ConnectPort X2e firmware stored cleartext credentials for the local user `python` in compiled Python ("PYC") files. This password could be used by a malicious user to establish an SSH connection to a X2e device as this user.

Aliases

alias	CVE-2020-9306

alias	FEYE-2020-0019

Fixed_packages

Affected_packages

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-9306

reference_id

reference_type

scores

value	0.00222
scoring_system	epss
scoring_elements	0.44876
published_at	2026-05-30T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-9306

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9306
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9306

reference_url	https://www.fireeye.com/blog/threat-research/2021/02/solarcity-exploitation-of-x2e-iot-device-part-one.html
reference_id
reference_type
scores
url	https://www.fireeye.com/blog/threat-research/2021/02/solarcity-exploitation-of-x2e-iot-device-part-one.html

reference_url	https://www.fireeye.com/blog/threat-research/2021/02/solarcity-exploitation-of-x2e-iot-device-part-two.html
reference_id
reference_type
scores
url	https://www.fireeye.com/blog/threat-research/2021/02/solarcity-exploitation-of-x2e-iot-device-part-two.html

Weaknesses

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sz31-pb9u-73eh

Vulnerability Instance