RSS   Podatności dla 'Itrack easy'   RSS

2018-07-13
 
CVE-2016-6544

CWE-287
 

 
getgps data in iTrack Easy can be modified without authentication by setting the data using the parametercmd:setothergps. This vulnerability can be exploited to alter the GPS data of a lost device.

 
 
CVE-2016-6543

CWE-284
 

 
A captured MAC/device ID of an iTrack Easy can be registered under multiple user accounts allowing access to getgps GPS data, which can allow unauthenticated parties to track the device.

 

 >>> Vendor: Ieasytec 2 Produkty
Itrack easy
Itrackeasy


Copyright 2024, cxsecurity.com

 

Back to Top