4 matches found
CVE-2016-6544
getgps data in iTrack Easy can be modified without authentication by setting the data using the parametercmd:setothergps. This vulnerability can be exploited to alter the GPS data of a lost device...
CVE-2016-6544 iTrack Easy's getgps data can be modified without authentication
getgps data in iTrack Easy can be modified without authentication by setting the data using the parametercmd:setothergps. This vulnerability can be exploited to alter the GPS data of a lost device...
CVE-2016-6544
CVE-2016-6544 affects iTrack Easy and concerns a missing authentication for a critical function: the getgps data can be modified by setting the parameter cmd:setothergps, enabling an unauthenticated attacker to alter GPS data of a lost device. The connected documents confirm the root cause is lac...
iTrack Easy contains multiple vulnerabilities
Overview iTrack Easy contains multiple vulnerabilities including sensitive information exposure and missing authentication. Description CWE-200: Information Exposure - CVE-2016-6542The iTrack device tracking ID number is the device's BLE MAC address. It can be obtained by being in range of the...