VYPR
Vendor

Peloton

Products
2
CVEs
2
Across products
2
Status
Private

Products

2

Recent CVEs

2
  • CVE-2021-40527HigOct 25, 2021
    risk 0.56cvss 8.6epss 0.01

    Exposure of senstive information to an unauthorised actor in the "com.onepeloton.erlich" mobile application up to and including version 1.7.22 allows a remote attacker to access developer files stored in an AWS S3 bucket, by reading credentials stored in plain text within the…

  • CVE-2021-33887MedJun 15, 2021
    risk 0.44cvss 6.8epss 0.00

    Insufficient verification of data authenticity in Peloton TTR01 up to and including PTV55G allows an attacker with physical access to boot into a modified kernel/ramdisk without unlocking the bootloader.