28 matches found
PT-2022-10479 · Unknown · Fastrack Reflex 2.0
Name of the Vulnerable Software and Affected Versions: fastrack Reflex 2.0 W307S REFLEX v90.89 Activity Tracker Description: The issue allows a remote attacker to change the time, date, and month via Bluetooth LE Characteristics on handle 0x0017. Recommendations: For fastrack Reflex 2.0 W307S...
CVE-2021-35953
Summary: CVE-2021-35953 affects fastrack Reflex 2.0 W307S_REFLEX_v90.89 Activity Tracker. A remote attacker can cause a device outage (DoS) by crafting the last three bytes of a characteristic value, enabling unauthenticated network access to trigger the issue. The vulnerability surface centers o...
Thinkst Canarytokens 跨站脚本漏洞
Thinkst Canarytokens is a web activity tracking system. Thinkst Canarytokens suffers from a cross-site scripting vulnerability. An attacker can exploit this vulnerability to execute Javascript code...
Malicious code in gd-activity-tracker (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware be919ac20b6023e27b37ab04354acc2fe0d76aadf72ab3ccea2dafed5df390a8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-3301 Malicious code in gd-activity-tracker (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware be919ac20b6023e27b37ab04354acc2fe0d76aadf72ab3ccea2dafed5df390a8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Design/Logic Flaw
On Fitbit activity-tracker devices, certain addresses never change. According to the popets-2019-0036.pdf document, this leads to "permanent trackability" and "considerable privacy concerns" without a user-accessible anonymization feature. The devices, such as Charge 2, transmit Bluetooth Low...
CVE-2014-10374
CVE-2014-10374 concerns Fitbit activity-tracker devices where BLE advertising uses a TxAdd flag for random addresses, but the addresses remain constant. This leads to “permanent trackability” and privacy concerns when a device is sniffed at multiple fixed locations, enabling an adversary to tell ...
Samsung Activity Tracker - Dangerous filesystem permissions, Exported ContentProvider, MIT license vulnerabilities
HackApp vulnerability scanner discovered that application Samsung Activity Tracker published at the 'play' market has multiple vulnerabilities...