RSS   Vulnerabilities for 'Server'   RSS

2019-01-09
 
CVE-2019-5748

CWE-611
 

 
In Traccar Server version 4.2, protocol/SpotProtocolDecoder.java might allow XXE attacks.

 
2018-12-20
 
CVE-2018-1000881

CWE-94
 

 
Traccar Traccar Server version 4.0 and earlier contains a CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability in ComputedAttributesHandler.java that can result in Remote Command Execution. This attack appear to be exploitable via Remote: web application request by a self-registered user. This vulnerability appears to have been fixed in 4.1 and later.

 

 >>> Vendor: Traccar 2 Products
Server
Traccar


Copyright 2024, cxsecurity.com

 

Back to Top