15 matches found
EUVD-2017-14343
Malware in sbrugna...
EUVD-2017-14342
Malware in sbrugna...
Eview EV-07S GPS Tracker Security Bypass Vulnerability
The Eview EV-07S GPS Tracker is a GPS tracking device for personal safety and personal protection. A security vulnerability exists in the phone number of the Eview EV-07S GPS Tracker, which originates from a lack of authentication in the program. The vulnerability can be exploited to restore the...
Eview EV-07S GPS Buffer Overflow Vulnerability
The Eview EV-07S GPS Tracker is a GPS tracking device for personal safety and personal protection. A buffer overflow vulnerability exists in the Eview EV-07S GPS Tracker, which arises from the program failing to perform sufficient boundary checks. An attacker can exploit the vulnerability by...
Eview EV-07S GPS Tracker Information Disclosure Vulnerability
The Eview EV-07S GPS Tracker is a GPS tracking device for personal safety and personal protection. A security vulnerability exists in the Eview EV-07S GPS Tracker. The vulnerability can be exploited by an attacker to obtain sensitive information GPS data, etc...
CVE-2017-5238
Due to a lack of bounds checking, several input configuration fields for the Eview EV-07S GPS Tracker will overflow data stored in one variable to another, overwriting the data of another field...
CVE-2017-5237
Due to a lack of authentication, an unauthenticated user who knows the Eview EV-07S GPS Tracker's phone number can revert the device to a factory default configuration with an SMS command, "RESET!"...
Out-of-bounds
Due to a lack of bounds checking, several input configuration fields for the Eview EV-07S GPS Tracker will overflow data stored in one variable to another, overwriting the data of another field...
Default configuration
Due to a lack of authentication, an unauthenticated user who knows the Eview EV-07S GPS Tracker's phone number can revert the device to a factory default configuration with an SMS command, "RESET!"...
Information disclosure
Due to a lack of standard encryption when transmitting sensitive information over the internet to a centralized monitoring service, the Eview EV-07S GPS Tracker discloses personally identifying information, such as GPS data and IMEI numbers, to any man-in-the-middle MitM listener...
CVE-2017-5239
CVE-2017-5239 concerns the Eview EV-07S GPS Tracker, where information disclosure occurs due to a lack of standard encryption when transmitting sensitive data (e.g., GPS data, IMEI) to a centralized monitoring service. The vulnerability implies potential MITM exposure of PII over the network. The...
CVE-2017-5238
The CVE-2017-5238 entry concerns the Eview EV-07S GPS Tracker, where a buffer/overflow happens due to insufficient boundary checks in several input configuration fields. The CNVD entry confirms the root cause as a lack of bounds checking that allows overflowing data from one variable into another...
CVE-2017-5237
CVE-2017-5237 affects the Eview EV-07S GPS Tracker. The issue stems from a lack of authentication, allowing an unauthenticated user who knows the device’s phone number to revert it to factory default via an SMS command (“RESET!”). This corresponds to a high impact on availability (CVSSv3: 7.5) wi...
CVE-2017-5239
Due to a lack of standard encryption when transmitting sensitive information over the internet to a centralized monitoring service, the Eview EV-07S GPS Tracker discloses personally identifying information, such as GPS data and IMEI numbers, to any man-in-the-middle MitM listener...
CVE-2017-5238
Due to a lack of bounds checking, several input configuration fields for the Eview EV-07S GPS Tracker will overflow data stored in one variable to another, overwriting the data of another field...