CVE-2016-6544

getgps data in iTrack Easy can be modified without authentication by setting the data using the parametercmd:setothergps. This vulnerability can be exploited to alter the GPS data of a lost device...

CVE-2016-6544

CVE-2016-6544 affects iTrack Easy and concerns a missing authentication for a critical function: the getgps data can be modified by setting the parameter cmd:setothergps, enabling an unauthenticated attacker to alter GPS data of a lost device. The connected documents confirm the root cause is lac...

CVE-2016-6544 iTrack Easy's getgps data can be modified without authentication

getgps data in iTrack Easy can be modified without authentication by setting the data using the parametercmd:setothergps. This vulnerability can be exploited to alter the GPS data of a lost device...

iTrack Easy contains multiple vulnerabilities

Overview iTrack Easy contains multiple vulnerabilities including sensitive information exposure and missing authentication. Description CWE-200: Information Exposure - CVE-2016-6542The iTrack device tracking ID number is the device's BLE MAC address. It can be obtained by being in range of the...